| BlackMax | 26.12.2012 18:12 |
Hi,
ich hätte wohl vorher lesen sollen, statt einfach zu posten ;)
Hier die Files:
OTL.txt: Code:
OTL logfile created on: 26.12.2012 17:55:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\USERNAME\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,98% Memory free
5,99 Gb Paging File | 4,70 Gb Available in Paging File | 78,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 63,38 Gb Total Space | 8,50 Gb Free Space | 13,41% Space Free | Partition Type: NTFS
Drive D: | 402,28 Gb Total Space | 107,39 Gb Free Space | 26,70% Space Free | Partition Type: NTFS
Drive E: | 372,61 Gb Total Space | 49,58 Gb Free Space | 13,31% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 9,77 Gb Free Space | 2,10% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 1,71 Gb Free Space | 0,18% Space Free | Partition Type: NTFS
Drive J: | 1,88 Gb Total Space | 1,80 Gb Free Space | 96,06% Space Free | Partition Type: FAT32
Computer Name: PC-Name | User Name: USERNAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\Users\USERNAME\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla FirePC-Name\firePC-Name.exe (Mozilla Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe (ACD Systems)
PRC - C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
PRC - C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Programme\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\System32\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla FirePC-Name\mozjs.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Programme\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU ()
MOD - C:\Programme\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU ()
MOD - C:\Programme\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Programme\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Windows\System32\APOMngr.DLL ()
========== Services (SafeList) ==========
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (UMVPFSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Programme\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Programme\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AVerScheduleService) -- C:\Programme\Common Files\AVerMedia\Service\AVerScheduleService.exe ()
SRV - (AVerRemote) -- C:\Programme\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
========== Driver Services (SafeList) ==========
DRV - (XDva385) -- C:\Windows\system32\XDva385.sys File not found
DRV - (XDva383) -- C:\Windows\system32\XDva383.sys File not found
DRV - (XDva380) -- C:\Windows\system32\XDva380.sys File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (a0slyqzl) -- File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (cdrbsdrv) -- C:\Windows\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (ha20x2k) -- C:\Windows\System32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\Windows\System32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\Windows\System32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\Windows\System32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\Windows\System32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\Windows\System32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\Windows\System32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\Windows\System32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (cpudrv) -- C:\Programme\SystemRequirementsLab\cpudrv.sys ()
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (AVerAF35) -- C:\Windows\System32\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (dptrackerd) -- C:\Windows\System32\drivers\dptrackerd.sys (DigitalPeers)
DRV - (RTL8187) -- C:\Windows\System32\drivers\wg111v2.sys (NETGEAR Inc.)
DRV - (DIG_V) -- C:\Windows\System32\drivers\dig_v.sys (Pinnacle Systems GmbH)
DRV - (DIG_TS) -- C:\Windows\System32\drivers\dig_ts.sys (Pinnacle Systems GmbH)
DRV - (DSDrv4) -- C:\Programme\DScaler\DSDrv4.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (QCDonner) -- C:\Windows\System32\drivers\lvcd.sys (Logitech Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A 98 AD 62 81 16 CC 01 [binary data]
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FirePC-Name ==========
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: %7B02450954-cdd9-410f-b1da-db804e18c671%7D:0.96.5-BlackMax
FF - prefs.js..extensions.enabledAddons: %7B59c81df5-4b7a-477b-912d-4e0fdf64e5f2%7D:0.9.89
FF - prefs.js..extensions.enabledAddons: %7B987311C6-B504-4aa2-90BF-60CC49808D42%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86.1
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071302000004
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: SQLiteManager@mrinalkant.blogspot.com:0.6.8
FF - prefs.js..extensions.enabledItems: web2pdfextension@web2pdf.adobedotcom:1.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirePC-NamePlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010.09.18 18:13:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirePC-NameExtn [2012.10.22 09:03:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.12.20 20:56:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.12.20 20:56:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.12.20 20:56:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.12.20 20:56:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\FirePC-Name\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.12.20 20:56:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla FirePC-Name 12.0\extensions\\Components: C:\Programme\Mozilla FirePC-Name\components [2012.12.07 01:22:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla FirePC-Name 12.0\extensions\\Plugins: C:\Programme\Mozilla FirePC-Name\plugins [2012.12.22 18:15:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla FirePC-Name 17.0.1\extensions\\Components: C:\Program Files\Mozilla FirePC-Name\components [2012.12.07 01:22:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla FirePC-Name 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla FirePC-Name\plugins [2012.12.22 18:15:27 | 000,000,000 | ---D | M]
[2010.10.30 19:17:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\Extensions
[2012.05.22 04:21:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\FirePC-Name\Profiles\b1l2m0hm.USERNAME\extensions
[2012.05.22 04:21:37 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\USERNAME\AppData\Roaming\mozilla\FirePC-Name\Profiles\b1l2m0hm.USERNAME\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.12.25 19:05:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\FirePC-Name\Profiles\n4ygfv8t.default\extensions
[2012.10.02 02:15:56 | 000,000,000 | ---D | M] (ChatZilla [de]) -- C:\Users\USERNAME\AppData\Roaming\mozilla\FirePC-Name\Profiles\n4ygfv8t.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2012.11.02 03:52:36 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\USERNAME\AppData\Roaming\mozilla\FirePC-Name\Profiles\n4ygfv8t.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012.12.25 19:05:49 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\USERNAME\AppData\Roaming\mozilla\FirePC-Name\Profiles\n4ygfv8t.default\extensions\ich@maltegoetz.de
[2011.04.28 01:52:14 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\extensions\tineye@ideeinc.com.xpi
[2011.11.18 20:07:09 | 000,077,813 | ---- | M] () (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}.xpi
[2012.03.13 22:00:50 | 000,022,573 | ---- | M] () (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi
[2012.09.13 18:14:55 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.10.11 04:20:40 | 000,252,340 | ---- | M] () (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011.04.06 01:22:40 | 000,091,556 | ---- | M] () (No name found) -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2011.04.22 15:34:09 | 000,002,006 | ---- | M] () -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\searchplugins\ask.uk.xml
[2012.04.09 06:43:30 | 000,003,970 | ---- | M] () -- C:\Users\USERNAME\AppData\Roaming\mozilla\firePC-Name\profiles\n4ygfv8t.default\searchplugins\sweetim.xml
[2012.12.22 18:28:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla FirePC-Name\extensions
[2012.12.20 20:56:28 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2012.12.07 01:22:58 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firePC-Name\components\browsercomps.dll
[2011.11.18 20:02:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firePC-Name\searchplugins\amazondotcom-de.xml
[2012.08.29 18:07:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firePC-Name\searchplugins\bing.xml
[2011.11.18 20:02:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firePC-Name\searchplugins\eBay-de.xml
[2011.05.23 21:38:25 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firePC-Name\searchplugins\fcmdSrch.xml
[2011.11.18 20:02:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firePC-Name\searchplugins\leo_ende_de.xml
[2011.11.18 20:02:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firePC-Name\searchplugins\wikipedia-de.xml
[2011.11.18 20:02:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firePC-Name\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.11.16 17:11:19 | 000,001,782 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
ALLES KORREKT IN DER hosts
O1 - Hosts: 9 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACPW06DE] C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe (ACD Systems)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-3061376349-1637372711-2336363411-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Users\USERNAME\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\USERNAME\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C182C14B-098A-4CE8-AC33-B1C1EDD19792}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C182C14B-098A-4CE8-AC33-B1C1EDD19792}: NameServer = 85.88.19.10,85.88.19.11
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - G:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a935607e-c283-11df-8389-0018f31a4132}\Shell - "" = AutoRun
O33 - MountPoints2\{a935607e-c283-11df-8389-0018f31a4132}\Shell\AutoRun\command - "" = L:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.26 17:53:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\USERNAME\Desktop\OTL.exe
[2012.12.24 01:49:23 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.24 01:49:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.24 01:48:18 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.24 01:48:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.24 01:48:17 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.24 01:48:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.24 01:48:16 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.24 01:48:15 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.24 01:48:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.24 01:48:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.24 01:41:51 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.24 01:41:46 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.24 01:41:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.24 01:41:37 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.12.24 01:41:37 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.12.24 01:41:36 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.12.24 01:41:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.12.24 01:41:36 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.24 01:41:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.24 01:41:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.12.24 01:41:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.12.24 01:41:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.12.24 01:41:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.24 01:41:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.24 01:41:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.12.24 01:41:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.12.24 01:41:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.12.18 20:59:48 | 000,000,000 | ---D | C] -- C:\Users\USERNAME\AppData\Local\{4AF2B9C8-C438-48E6-9F5C-634919E98819}
[2012.12.15 17:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coolcolor Text Generator
[2012.12.15 17:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Coolcolor Text Generator
[2012.12.08 20:46:18 | 000,000,000 | ---D | C] -- C:\Users\USERNAME\AppData\Local\{9D7DCCA8-28C4-418B-B42D-C67F7C4A6303}
[2012.12.07 01:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla FirePC-Name
[2012.12.01 19:57:29 | 000,000,000 | ---D | C] -- C:\Users\USERNAME\AppData\Local\{F87AD3CE-853E-49BA-BD36-0AAB8952D98E}
[2012.11.28 22:11:46 | 000,000,000 | ---D | C] -- C:\Users\USERNAME\AppData\Local\{580B8D72-00FE-4406-A668-626671D72C92}
[2 D:\Users\USERNAME\Documents\*.tmp files -> D:\Users\USERNAME\Documents\*.tmp -> ]
[1 D:\Users\USERNAME\Desktop\*.tmp files -> D:\Users\USERNAME\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.26 17:53:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\USERNAME\Desktop\OTL.exe
[2012.12.26 17:52:39 | 000,091,988 | ---- | M] () -- D:\Users\USERNAME\Documents\cc_20121226_175231.reg
[2012.12.26 17:30:44 | 000,021,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.26 17:30:44 | 000,021,392 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.26 17:30:21 | 000,711,060 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.26 17:30:21 | 000,664,050 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.26 17:30:21 | 000,154,046 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.26 17:30:21 | 000,126,076 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.26 17:25:36 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.12.26 17:25:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.26 17:25:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2012.12.26 17:24:42 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.26 06:15:55 | 000,055,168 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000001-00000000-0000000A-00001102-00000005-00281102}.rfx
[2012.12.26 06:15:55 | 000,055,168 | ---- | M] () -- C:\Windows\System32\BMXState-{00000001-00000000-0000000A-00001102-00000005-00281102}.rfx
[2012.12.26 06:15:55 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000001-00000000-0000000A-00001102-00000005-00281102}.rfx
[2012.12.25 14:58:36 | 000,050,477 | ---- | M] () -- D:\Users\USERNAME\Desktop\Defogger.exe
[2012.12.24 14:52:12 | 003,767,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.24 01:39:58 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.22 18:07:36 | 000,000,044 | ---- | M] () -- C:\unconfirm.ini
[2012.12.18 23:08:13 | 001,096,746 | ---- | M] () -- D:\Users\USERNAME\Desktop\ich-neu.jpg
[2012.12.18 20:30:38 | 000,001,957 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2012.12.18 00:14:50 | 000,000,600 | ---- | M] () -- C:\Users\USERNAME\AppData\Roaming\winscp.rnd
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.13 20:24:26 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.13 20:24:26 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.10 02:42:29 | 000,000,600 | ---- | M] () -- C:\Users\USERNAME\AppData\Local\PUTTY.RND
[2012.12.04 23:38:25 | 000,000,132 | ---- | M] () -- C:\Users\USERNAME\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.12.03 21:05:30 | 000,001,456 | ---- | M] () -- C:\Users\USERNAME\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2 D:\Users\USERNAME\Documents\*.tmp files -> D:\Users\USERNAME\Documents\*.tmp -> ]
[1 D:\Users\USERNAME\Desktop\*.tmp files -> D:\Users\USERNAME\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.26 17:52:37 | 000,091,988 | ---- | C] () -- D:\Users\USERNAME\Documents\cc_20121226_175231.reg
[2012.12.25 14:58:35 | 000,050,477 | ---- | C] () -- D:\Users\USERNAME\Desktop\Defogger.exe
[2012.12.22 18:07:36 | 000,000,044 | ---- | C] () -- C:\unconfirm.ini
[2012.12.08 16:43:17 | 001,096,746 | ---- | C] () -- D:\Users\USERNAME\Desktop\ich-neu.jpg
[2012.11.08 00:33:35 | 000,061,554 | ---- | C] () -- C:\Users\USERNAME\IMG_1774.JPG
[2012.11.08 00:33:35 | 000,033,427 | ---- | C] () -- C:\Users\USERNAME\IMG_1772.JPG
[2012.10.01 15:37:42 | 000,245,254 | ---- | C] () -- C:\Windows\hpoins19.dat.temp
[2012.10.01 15:37:42 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2012.10.01 15:30:25 | 000,083,498 | ---- | C] () -- C:\Windows\hpqins13.dat
[2012.10.01 15:18:21 | 000,078,456 | ---- | C] () -- C:\Windows\hpqins05.dat
[2012.09.16 02:47:28 | 000,017,408 | ---- | C] () -- C:\Users\USERNAME\AppData\Local\WebpageIcons.db
[2012.07.06 22:35:23 | 000,001,431 | ---- | C] () -- C:\Windows\SplitCam.INI
[2012.05.29 04:05:17 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.05.29 04:05:16 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.01.18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012.01.18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012.01.18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012.01.05 22:14:13 | 1672,750,124 | ---- | C] () -- C:\Users\USERNAME\ts3_recording_12_01_05_22_14_11.wav
[2012.01.05 22:01:48 | 114,088,364 | ---- | C] () -- C:\Users\USERNAME\ts3_recording_12_01_05_22_1_46.wav
[2011.12.21 02:36:14 | 000,000,000 | ---- | C] () -- C:\Users\USERNAME\cd
[2011.11.28 20:51:05 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.10.30 23:02:41 | 000,000,107 | ---- | C] () -- C:\Windows\VobEdit.INI
[2011.10.30 22:37:57 | 000,000,195 | ---- | C] () -- C:\Windows\IfoEdit.INI
[2011.10.23 20:52:12 | 346,533,164 | ---- | C] () -- C:\Users\USERNAME\ts3_recording_11_10_23_21_52_8.wav
[2011.10.19 10:55:48 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2011.10.19 10:55:48 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2011.10.14 07:02:21 | 000,001,456 | ---- | C] () -- C:\Users\USERNAME\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.10.11 22:37:19 | 000,008,176 | ---- | C] () -- C:\Users\USERNAME\myt.php
[2011.10.10 12:53:30 | 003,767,944 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.26 00:15:53 | 004,929,348 | ---- | C] () -- C:\Users\USERNAME\Unbenannt-1.psd
[2011.09.23 14:44:52 | 000,100,715 | ---- | C] () -- C:\Users\USERNAME\Add Hexcode FIFA11 for DSTT(infolib, extinfo, savlib).rar
[2011.08.27 23:42:09 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.08.24 02:53:39 | 000,046,144 | ---- | C] () -- C:\Users\USERNAME\600px-Awesome_rage.jpg
[2011.08.23 02:06:34 | 000,000,600 | ---- | C] () -- C:\Users\USERNAME\PUTTY.RND
[2011.08.12 11:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011.07.26 07:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.05.27 01:59:30 | 000,001,469 | ---- | C] () -- C:\Users\USERNAME\AppData\Roaming\dvdae.config
[2011.05.25 17:25:41 | 000,058,394 | ---- | C] () -- C:\Users\USERNAME\Moppel.jpg
[2011.04.30 22:26:27 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AVerIO.dll
[2011.04.30 22:26:27 | 000,003,456 | ---- | C] () -- C:\Windows\System32\AVerIO.sys
[2011.04.30 22:26:26 | 000,606,208 | ---- | C] () -- C:\Windows\System32\sptlib21.dll
[2011.04.30 22:26:26 | 000,311,296 | ---- | C] () -- C:\Windows\System32\sptlib01.dll
[2011.04.30 22:26:26 | 000,294,912 | ---- | C] () -- C:\Windows\System32\sptlib11.dll
[2011.04.30 22:26:26 | 000,290,816 | ---- | C] () -- C:\Windows\System32\sptlib22.dll
[2011.04.30 22:26:26 | 000,249,856 | ---- | C] () -- C:\Windows\System32\sptlib03.dll
[2011.04.30 22:26:26 | 000,225,280 | ---- | C] () -- C:\Windows\System32\sptlib02.dll
[2011.04.30 22:26:26 | 000,135,168 | ---- | C] () -- C:\Windows\System32\sptlib12.dll
[2011.04.04 18:08:23 | 014,383,616 | ---- | C] () -- C:\ProgramData\gta_sa.exe
[2011.04.04 02:06:38 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.04.04 02:05:51 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.12 23:17:57 | 000,225,280 | ---- | C] () -- C:\Users\USERNAME\de.cls.wcf.partnererweiterung_2.0.3_.tar
[2011.03.03 04:02:22 | 001,771,440 | ---- | C] () -- C:\Users\USERNAME\IOS36-64-V3351.wad
[2011.02.23 17:21:43 | 000,094,900 | ---- | C] () -- C:\Users\USERNAME\2_5 USB 3.0 Evolution Slim UG GERMAN.pdf
[2011.01.23 02:46:23 | 000,000,132 | ---- | C] () -- C:\Users\USERNAME\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.01.21 23:32:11 | 000,110,722 | ---- | C] () -- C:\Users\USERNAME\1.jpg
[2011.01.07 03:06:29 | 006,038,876 | ---- | C] () -- C:\Users\USERNAME\dzcp_gs_template017.zip
[2011.01.03 22:53:16 | 000,142,300 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.11.25 01:52:20 | 000,082,095 | ---- | C] () -- C:\Users\USERNAME\rose_Franzimaus.jpg
[2010.11.10 03:25:18 | 000,007,611 | ---- | C] () -- C:\Users\USERNAME\AppData\Local\Resmon.ResmonCfg
[2010.10.16 01:34:15 | 000,138,056 | ---- | C] () -- C:\Users\USERNAME\AppData\Roaming\PnkBstrK.sys
[2010.09.29 15:53:28 | 000,000,132 | ---- | C] () -- C:\Users\USERNAME\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.09.24 22:15:23 | 000,153,600 | ---- | C] () -- C:\Users\USERNAME\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.19 00:09:46 | 000,000,097 | ---- | C] () -- C:\Users\USERNAME\.Xauthority
[2010.09.18 00:20:27 | 000,000,600 | ---- | C] () -- C:\Users\USERNAME\AppData\Local\PUTTY.RND
[2010.09.17 23:52:25 | 000,000,600 | ---- | C] () -- C:\Users\USERNAME\AppData\Roaming\winscp.rnd
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.01.07 02:26:50 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\ACD Systems
[2012.12.21 16:28:21 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Amazon
[2012.11.12 13:39:50 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Artisteer
[2012.05.23 05:57:47 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\CamTrack
[2011.10.03 15:36:38 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Cuttermaran
[2012.12.26 17:51:19 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\DAEMON Tools Lite
[2012.08.09 19:13:37 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\DVDVideoSoft
[2012.08.09 19:13:16 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.12.26 17:51:18 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\FileZilla
[2011.12.22 22:07:28 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\HTC
[2012.02.27 15:54:42 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.12.26 06:14:51 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\ICQ
[2011.10.14 20:02:38 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Image-Line
[2011.06.23 23:52:12 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\ImgBurn
[2011.10.02 06:27:05 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\jomic
[2011.05.29 12:00:37 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Leadertech
[2011.10.03 21:24:18 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\LEAPS
[2012.03.26 04:31:42 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\MyPhoneExplorer
[2012.12.26 17:51:18 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Notepad++
[2011.04.22 15:34:02 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\OCS
[2011.04.22 15:34:09 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Opera
[2011.09.24 00:34:29 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Outlook
[2011.10.03 21:46:19 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Pegasys Inc
[2011.10.30 22:48:14 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2010.10.17 20:28:08 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\ScreeNet iSaver
[2011.08.23 00:25:23 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\SecondLife
[2011.03.17 01:49:59 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Steinberg
[2011.10.14 20:09:26 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\SynthMaker
[2012.06.04 06:05:03 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\TeamViewer
[2012.12.26 17:51:18 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\TS3Client
[2011.01.20 04:57:47 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\TuneUp Software
[2012.12.26 17:51:18 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\uTorrent
[2011.03.17 01:49:59 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\VST3 Presets
[2011.10.10 05:59:41 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Wise Disk Cleaner
[2011.12.21 01:25:05 | 000,000,000 | -HSD | M] -- C:\Users\USERNAME\AppData\Roaming\wyUpdate AU
[2011.10.30 22:00:47 | 000,000,000 | ---D | M] -- C:\Users\USERNAME\AppData\Roaming\Xilisoft
========== Purity Check ==========
< End of report >
Hier die Extras.txt: Code:
OTL Extras logfile created on: 26.12.2012 17:55:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\USERNAME\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,98% Memory free
5,99 Gb Paging File | 4,70 Gb Available in Paging File | 78,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 63,38 Gb Total Space | 8,50 Gb Free Space | 13,41% Space Free | Partition Type: NTFS
Drive D: | 402,28 Gb Total Space | 107,39 Gb Free Space | 26,70% Space Free | Partition Type: NTFS
Drive E: | 372,61 Gb Total Space | 49,58 Gb Free Space | 13,31% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 9,77 Gb Free Space | 2,10% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 1,71 Gb Free Space | 0,18% Space Free | Partition Type: NTFS
Drive J: | 1,88 Gb Total Space | 1,80 Gb Free Space | 96,06% Space Free | Partition Type: FAT32
Computer Name: PC-Name | User Name: USERNAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3061376349-1637372711-2336363411-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirePC-NameHTML] -- C:\Programme\Mozilla FirePC-Name\firePC-Name.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 6.Manage] -- "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeeQVPro6.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C7B963-B363-4C37-89A4-DD141EE41923}" = rport=139 | protocol=6 | dir=out | app=system |
"{04CA696A-6774-4406-8F43-2473775856A3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0C281299-3C4E-45A6-8184-B4CF44705690}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{0EDBA6CF-275D-4D90-8B0E-920E3E025E3C}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{205AEADC-760B-4211-B547-3201A9268CA3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{23022C43-4414-419A-B2F5-95DBD044E570}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{25DFC57D-B8A1-4130-9F49-96EFB797EA74}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{26DED956-9F38-4EF8-A7A4-CFF2548CB4FA}" = rport=137 | protocol=17 | dir=out | app=system |
"{2A228680-BB48-4B9D-B263-AC30BEAC9BA6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{2DC9C5C3-7BB6-42BE-97F5-0545EEAABC03}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33F8A250-3A41-4009-B015-6C9289B11467}" = rport=2869 | protocol=6 | dir=out | app=system |
"{38B65C32-223C-4029-A0AF-0E8158A7DA5A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{403E887E-6C81-4D71-89F9-BF59EDE40D43}" = rport=138 | protocol=17 | dir=out | app=system |
"{596F239D-D43C-4EF3-A1C7-501B651CF811}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{6C9CE711-B166-4D7C-84B2-DB8D73228BC6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F5F9DE5-900E-486A-AD41-E171F7CFC638}" = lport=139 | protocol=6 | dir=in | app=system |
"{6FC86772-497E-4120-ACC0-8E7F0240FEEE}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{70A54707-686C-46EE-96E2-3F35103245BB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{77BC7984-3B4F-4D0E-B264-16CC907703C4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{82E4163E-34CD-436C-A349-C6854FD5524A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95E87C9B-2006-44C1-A8E8-99AC8CAFE46D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A102CE9E-EBBC-4FDA-B4F9-560D8F2040C9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A205EC4D-1D74-4ACC-925B-95491E67D8DE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AF6B85CA-9E08-42EF-818D-DAF41D1DF021}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B09686A9-FD89-4808-99C7-CFD55EDC684E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B17C346B-D740-4EF5-8ADA-D589B8DB8015}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8256F09-4719-431C-8731-067DF0DCBB80}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8556B36-9DCA-47F2-8931-29437B637B26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B9A4C808-95D8-40A2-A222-51D12F36096D}" = rport=445 | protocol=6 | dir=out | app=system |
"{C24E672C-9DDB-4872-AAFC-84FF926EC80F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D331FBC5-BC81-47D6-BCD1-C5DF4F5198BF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7F0BEE9-3EDE-4AAE-B8E5-7FD9066E629E}" = lport=138 | protocol=17 | dir=in | app=system |
"{DB235DD1-9EC0-472B-8748-57D748D4EE52}" = lport=445 | protocol=6 | dir=in | app=system |
"{DB499973-DE3B-4757-8031-CC3455451BC2}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{DF30A477-ED70-48CF-8D71-2332C2A045FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F42D699A-AC68-4650-86F2-4D9A6F4578D4}" = lport=49166 | protocol=6 | dir=in | name=akamai netsession interface |
"{F81BF8CD-3A33-44E2-97B3-D1FAB88590C1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F85B1327-362B-4E78-A194-43E3D610B084}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FC90CC49-5CB3-4A3B-917B-989A126F1885}" = lport=137 | protocol=17 | dir=in | app=system |
"{FD9E2BD2-AE67-4131-8F2C-CC956D0D04E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0363EFA7-89A2-439D-B088-E5AA304CAB6E}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield 2\bf2.exe |
"{074B7435-98A2-4B8B-9C56-8002720252EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0CA19611-B58A-4C26-A8E0-8E1F79A1EF4B}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{0F3EFBD1-1039-4B4C-AC03-456A0A8551EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{153202D2-FBA6-40B7-A896-FBF24270CB74}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{171E06DC-9DF3-4D9E-BB9C-3AB6801E9A17}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{19470F2D-2A6C-4177-88A2-E7D4483A754B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1B045438-C43A-4381-B794-7069AA9BC134}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1FC7E2D8-522A-4AC6-B084-AC8488073EA6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21050420-887E-4789-ADF9-C7A442997A1B}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{292682D5-82DD-4825-9EC7-D3C7114D2C07}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{29A2A2A6-C57F-4BAE-B720-C119F4193CC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B70B0A6-456F-48BF-AA7B-4F360F6CD770}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{31AB5B0F-F548-4EE8-ABDC-60EA7A99DF81}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3679E768-6236-4D86-B627-AF00152D2D4B}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{36B1B4BC-5224-4EC1-BE4C-6B07421D6071}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3A724F02-E397-4660-8D25-B682DD7DA7C0}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{3CFA3AE9-47B1-4577-963C-AFFDE06F2989}" = protocol=6 | dir=in | app=e:\spiele\grand theft auto iv\launchgtaiv.exe |
"{401C0BBF-97E8-402E-9612-982C0F660B66}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{423F278D-3F02-410F-A3A2-7DEA420F591A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\crysis\bin32\crysis.exe |
"{44864454-8FF3-4323-8961-36EADE2D0689}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{4597AEAF-E6BC-45C3-B6EA-AD90B8E50127}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4D1C8137-F8A5-446C-B83A-86DB317FE218}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54DB0206-D584-4CB1-BE4D-703EE38C7AC3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5D5EF082-9C59-4206-A2E9-2BEF953B077E}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield 2\support\ea help\electronic_arts_technical_support.htm |
"{5E51F6F0-C1D8-4111-97FC-7860499DDB41}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{67B76A5B-FD83-4C7E-A1AA-B75891872FF1}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{6ACCD523-FDEB-41A4-ADCD-42614746A394}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{6B1ED1CF-967C-41AC-B110-E3D24575CC4A}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe |
"{6B304DCF-3AF1-4452-9541-203ECCF471F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{6E7609F3-AF66-49C8-A399-E0C9D0AB23AD}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{714E66D0-767A-4CF7-B756-CAB04A9F758C}" = protocol=17 | dir=in | app=e:\spiele\grand theft auto iv\launchgtaiv.exe |
"{71C55B6E-3487-439B-BD84-340CA004EB37}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{77B21413-46ED-4022-B6E8-23E4797901D2}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{78958CCF-E552-4086-805B-76869FFE4C6F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{797516F3-49C5-41D7-8A95-A2BFE30E66F1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{7A38D0D2-5024-4822-9C19-52E9B5EE2220}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{7CCFFE78-0C96-439C-B465-6959AF5A65B0}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{7E4A6097-93B0-4E86-AEAA-054A2A9E3111}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{84868596-7F0A-4FCA-95CF-5F5CD4EA3F83}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{8AB7B73D-29E6-4913-891B-16E22604B108}" = protocol=6 | dir=in | app=e:\spiele\need for speed - hot pursuit 2010\launcher.exe |
"{8BC9B893-9541-4BD0-83E9-8E6A2E9FDD1B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{912F2ACA-DD14-47AC-8D56-C6507B0DDA18}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{92ABDC9F-7D38-4324-A77C-1A3B97934B90}" = protocol=6 | dir=out | app=system |
"{935EC6B3-DD60-4FCB-AB46-29881E78E758}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9D44C7C0-062D-4629-8360-C02FAC957979}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{9DE5DBDF-B50C-4B54-8A48-673F2DC5B2C1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A1029362-62C4-4FB9-B710-CDA13FC2D1A3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{AE42AC80-C1A4-4D82-8D28-F238184AA56D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B0BBB2EA-7F47-462B-ACA0-83835415110D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B7B1013D-F8A2-4C72-838A-6F8197A18875}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{BE64F132-76F2-4137-8C3D-659B72712ECC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BF3EA96B-9F64-452D-B8B3-5E10A24A0018}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\crysis\bin32\crysis.exe |
"{C4C561DE-84D3-4B9C-8395-4DD1A7D9093E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C81AC62D-0267-4257-85F1-9F870A1DD279}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{C8D414E7-AF0E-4C86-AC7B-93BF16E44484}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield 2\bf2.exe |
"{CAF4143D-290E-4636-AE6E-01F1E1570763}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CBAF05DE-1626-4A6B-A993-1AB746E206BC}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{D0350942-D4A0-4CB6-B2F2-694B1F13235E}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\crysis wars\bin32\crysis.exe |
"{D1E85C26-9E68-421B-8459-33DDD20C6853}" = protocol=6 | dir=in | app=c:\program files\utorrent3\utorrent.exe |
"{D4874BA0-6FE0-4808-BEF8-D0FD1C2FF6A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D9DFD9AE-C4E4-4CEA-A444-EE21668DD403}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DA9B1E00-1E5B-40DB-869D-249B8E064211}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{DB8FA375-6E91-4E65-A411-FC6CAE3F55C1}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{DC53929B-9474-43D0-B5D8-3F38414913A5}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\crysis wars\bin32\crysis.exe |
"{E19C7EC0-FF5B-482D-9528-AEA133A23C15}" = protocol=17 | dir=in | app=e:\spiele\need for speed - hot pursuit 2010\launcher.exe |
"{E1B4CE26-1EB4-42E3-AA0B-9F17056B683D}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{E3B103C3-A9E9-4492-88BE-46FDEEC93F3D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA90228B-FF17-4A8E-94C3-05B15D60BFC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE95B232-D447-4BFA-AD0B-3F38C583FF4F}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield 2\support\ea help\electronic_arts_technical_support.htm |
"{EF80B502-4FAF-4DBB-AC88-5B943126B644}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F16522C5-CBC7-43F7-8F5A-29E5580A2512}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F56B11DD-306E-4164-BC2F-85214FBED1E3}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{F7742B13-74FD-4B98-A824-03AF07708C70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F84B9A0C-7D56-4568-91BF-97FF1B862F13}" = protocol=17 | dir=in | app=c:\program files\utorrent3\utorrent.exe |
"{F9229439-E58A-498E-AF51-A218E9316726}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F9DACAD8-40B7-4FDB-B4CF-FE2F6ACC6823}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE79B516-88AA-43A5-A4D6-3DB60AD732C4}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe |
"{FF90FE35-D739-43C5-AE18-5BCAE9B60FEB}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.8 Build #6800 Banner Remover 1.0
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4B4E8814-F682-4197-8F4B-E9FFC6F08977}" = System Requirements Lab for Intel
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{526B2AE8-73DF-4CE0-B140-9968677A7C93}" = HTC Sync
"{528145C0-462A-11E1-B8B4-B8AC6F97B88E}" = Google Earth
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{53AD87D3-72AE-4D07-8A7A-1F4D54E83777}" = ACDSee Foto-Editor
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{825E9A84-1E03-4526-9F8E-45015C938A7C}" = WBFS Manager 4.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC13FB47-0B90-46C3-9BB7-57D2DB455D4D}" = Microsoft Xbox 360 Accessories 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D40B2C78-30CA-4A8F-A157-C86B491C73AF}" = ACDSee Pro 6
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47087E7-AA15-4D1D-8C0A-60F7E446D597}" = PSP ISO Compressor
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE11A673-E24C-4290-9A33-ED66E8662C9C}" = Ultimate Multi Tool
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AnyDVD" = AnyDVD
"Artisteer 3" = Artisteer 3
"Artisteer 4" = Artisteer 4
"Audacity_is1" = Audacity 1.2.6
"AudioCS" = Creative Audio-Systemsteuerung
"Audiograbber" = Audiograbber 1.83 SE
"AVerMedia A850 USB DMB-TH" = AVerMedia A850 USB DMB-TH 1.0.0.28
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"CamTrack_is1" = CamTrack
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Coolcolor Text Generator_is1" = Coolcolor Text Generator 1.0
"DScaler 4.1.15_is1" = DScaler 4.1.15
"DVD Audio Extractor_is1" = DVD Audio Extractor 5.3.0
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch
"F.E.A.R. 2: Project Origin" = F.E.A.R. 2: Project Origin
"ffdshow_is1" = ffdshow v1.1.3974 [2011-08-22]
"FileZilla Client" = FileZilla Client 3.6.0.2
"FL Studio 10" = FL Studio 10
"FLAC" = FLAC 1.2.1b (remove only)
"FLV Player" = FLV Player 2.0 (build 25)
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.11.508
"Free YouTube Download_is1" = Free YouTube Download version 3.1.31.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.22.508
"GamersFirst War Rock" = War Rock
"Hitman Sniper Challenge_is1" = Hitman Sniper Challenge
"HyperCam 2" = HyperCam 2
"ImgBurn" = ImgBurn
"InstallShield_{FE11A673-E24C-4290-9A33-ED66E8662C9C}" = Ultimate Multi Tool
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"MediaInfo" = MediaInfo 0.7.59
"MediaMonkey_is1" = MediaMonkey 3.2
"Messenger Plus!" = Messenger Plus! 6
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"mIRC" = mIRC
"Mozilla FirePC-Name 12.0 (x86 de)" = Mozilla FirePC-Name 12.0 (x86 de)
"Mozilla FirePC-Name 17.0.1 (x86 de)" = Mozilla FirePC-Name 17.0.1 (x86 de)
"MPE" = MyPhoneExplorer
"NeroShowTime!UninstallKey" = Nero ShowTime CE
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PunkBusterSvc" = PunkBuster Services
"Saints Row 2 Update 2" = Saints Row 2 Update 2
"SplitCam" = SplitCam
"Steam App 10" = Counter-Strike
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 17340" = Crysis Wars
"Steam App 211" = Source SDK
"Steam App 240" = Counter-Strike: Source
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 440" = Team Fortress 2
"Steam App 730" = Counter-Strike: Global Offensive
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WaveLabPro" = WaveLab 6
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.3.9
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 6.15
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.12.2012 12:57:41 | Computer Name = PC-Name | Source = VSS | ID = 8194
Description =
Error - 23.12.2012 12:15:47 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 23.12.2012 12:16:45 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Ultimate
Multi Tool\bin\drivers\dpinstx64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 23.12.2012 12:17:50 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Spiele\Steam\steamapps\common\crysis
wars\Bin64\Crysis.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 23.12.2012 12:17:50 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Spiele\Steam\steamapps\common\crysis
wars\Bin64\CrysisWarsDedicatedServer.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 23.12.2012 19:45:03 | Computer Name = PC-Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DrvInst.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc04d Name des fehlerhaften Moduls: hpzids01.dll, Version: 13.0.338.0,
Zeitstempel: 0x4a1cc51a Ausnahmecode: 0xc0000417 Fehleroffset: 0x0002641a ID des fehlerhaften
Prozesses: 0x83c Startzeit der fehlerhaften Anwendung: 0x01cde167441da08c Pfad der
fehlerhaften Anwendung: C:\Windows\system32\DrvInst.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\hpzids01.dll Berichtskennung: c4fe35cc-4d5a-11e2-b9c8-0018f31a4132
Error - 25.12.2012 12:49:33 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.12.2012 12:50:36 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Ultimate
Multi Tool\bin\drivers\dpinstx64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.12.2012 12:52:01 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Spiele\Steam\steamapps\common\crysis
wars\Bin64\Crysis.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.12.2012 12:52:01 | Computer Name = PC-Name | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Spiele\Steam\steamapps\common\crysis
wars\Bin64\CrysisWarsDedicatedServer.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 27.05.2011 05:56:01 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 11:56:01 - Fehler beim Herstellen der Internetverbindung. 11:56:01
- Serververbindung konnte nicht hergestellt werden..
Error - 27.05.2011 05:56:17 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 11:56:06 - Fehler beim Herstellen der Internetverbindung. 11:56:06
- Serververbindung konnte nicht hergestellt werden..
Error - 04.06.2011 08:56:37 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 14:56:37 - Fehler beim Herstellen der Internetverbindung. 14:56:37
- Serververbindung konnte nicht hergestellt werden..
Error - 04.06.2011 08:56:54 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 14:56:42 - Fehler beim Herstellen der Internetverbindung. 14:56:42
- Serververbindung konnte nicht hergestellt werden..
Error - 05.06.2011 07:40:48 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 13:40:48 - Fehler beim Herstellen der Internetverbindung. 13:40:48
- Serververbindung konnte nicht hergestellt werden..
Error - 05.06.2011 07:41:04 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 13:40:53 - Fehler beim Herstellen der Internetverbindung. 13:40:53
- Serververbindung konnte nicht hergestellt werden..
Error - 16.06.2011 06:51:44 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 12:51:44 - Fehler beim Herstellen der Internetverbindung. 12:51:44
- Serververbindung konnte nicht hergestellt werden..
Error - 16.06.2011 06:52:07 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 12:51:49 - Fehler beim Herstellen der Internetverbindung. 12:51:49
- Serververbindung konnte nicht hergestellt werden..
Error - 29.06.2011 04:41:51 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 10:41:51 - Fehler beim Herstellen der Internetverbindung. 10:41:51
- Serververbindung konnte nicht hergestellt werden..
Error - 29.06.2011 04:42:08 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 10:41:56 - Fehler beim Herstellen der Internetverbindung. 10:41:56
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 22.12.2012 13:43:57 | Computer Name = PC-Name | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 23.12.2012 09:05:18 | Computer Name = PC-Name | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error - 23.12.2012 11:44:25 | Computer Name = PC-Name | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?23.?12.?2012 um 16:42:28 unerwartet heruntergefahren.
Error - 23.12.2012 11:44:30 | Computer Name = PC-Name | Source = BugCheck | ID = 1001
Description =
Error - 23.12.2012 20:02:29 | Computer Name = PC-Name | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 24.12.2012 09:56:02 | Computer Name = PC-Name | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde nicht
richtig gestartet.
Error - 24.12.2012 19:37:08 | Computer Name = PC-Name | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 24.12.2012 23:05:55 | Computer Name = PC-Name | Source = DCOM | ID = 10010
Description =
Error - 25.12.2012 09:43:35 | Computer Name = PC-Name | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?25.?12.?2012 um 14:35:07 unerwartet heruntergefahren.
Error - 25.12.2012 09:46:37 | Computer Name = PC-Name | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
< End of report >
Bitte helft... Ich dachte das Problem wäre weg, da es einfahc nicht mehr auftrat, aber heute war die avp.exe wieder auf 50%.
Malware Scan habe ich auf höchster Stufe mit Kaspersky Internet Security 2013 gemacht und nichts gefunden.
LG |
