Hallo und guten Morgen,
habe die Scans erledigt. Anbei die Log-Files. Ich habe gerade bemerkt, dass ich eine DVD und eine SD Karte am Rechner dran bzw. drin hatte. Ich hoffe, das verfälscht nichts.
JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by Katrin on 09.05.2013 at 9:26:21,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{07ED1707-0F10-4E44-8909-39FDE7B7C160}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\5vb97e43.default\conduitcommon
Successfully deleted: [Folder] C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\5vb97e43.default\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\5vb97e43.default\prefs.js
user_pref("CT2843456..clientLogIsEnabled", false);
user_pref("CT2843456..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2843456..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2843456.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2843456.AppTrackingLastCheckTime", "Thu Jul 14 2011 00:29:49 GMT+0200");
user_pref("CT2843456.CTID", "CT2843456");
user_pref("CT2843456.CommunitiesChangesLastCheckTime", "0");
user_pref("CT2843456.CurrentServerDate", "22-9-2011");
user_pref("CT2843456.DialogsAlignMode", "LTR");
user_pref("CT2843456.DialogsGetterLastCheckTime", "Tue Sep 20 2011 21:21:05 GMT+0200");
user_pref("CT2843456.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"BannerCulture\":\"\",\"DownloadTime\":\"1/7/2011 10:27:47 PM\",\"SourceId\":0,\
user_pref("CT2843456.EnableClickToSearchBox", false);
user_pref("CT2843456.EnableSearchHistory", false);
user_pref("CT2843456.EnableSearchSuggest", false);
user_pref("CT2843456.FirstServerDate", "7-1-2011");
user_pref("CT2843456.FirstTime", true);
user_pref("CT2843456.FirstTimeFF3", true);
user_pref("CT2843456.FixPageNotFoundErrors", true);
user_pref("CT2843456.GroupingInvalidateCache", false);
user_pref("CT2843456.GroupingLastCheckTime", "0");
user_pref("CT2843456.GroupingLastServerUpdateTime", "0");
user_pref("CT2843456.GroupingServerCheckInterval", 1440);
user_pref("CT2843456.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2843456.HasUserGlobalKeys", true);
user_pref("CT2843456.HomePageProtectorEnabled", false);
user_pref("CT2843456.Initialize", true);
user_pref("CT2843456.InitializeCommonPrefs", true);
user_pref("CT2843456.InstallationAndCookieDataSentCount", 3);
user_pref("CT2843456.InstalledDate", "Fri Jan 07 2011 20:29:04 GMT+0100");
user_pref("CT2843456.InvalidateCache", false);
user_pref("CT2843456.IsAlertDBUpdated", true);
user_pref("CT2843456.IsGrouping", false);
user_pref("CT2843456.IsMulticommunity", false);
user_pref("CT2843456.IsOpenThankYouPage", true);
user_pref("CT2843456.IsOpenUninstallPage", true);
user_pref("CT2843456.LanguagePackLastCheckTime", "Thu Sep 22 2011 06:28:22 GMT+0200");
user_pref("CT2843456.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2843456.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2843456.LastLogin_3.2.5.2", "Tue Mar 22 2011 22:39:52 GMT+0100");
user_pref("CT2843456.LastLogin_3.3.3.2", "Wed Jun 22 2011 10:18:43 GMT+0200");
user_pref("CT2843456.LastLogin_3.5.0.12", "Fri Jul 29 2011 05:17:01 GMT+0200");
user_pref("CT2843456.LastLogin_3.6.0.10", "Thu Sep 22 2011 06:28:22 GMT+0200");
user_pref("CT2843456.LatestVersion", "3.6.0.10");
user_pref("CT2843456.Locale", "de-de");
user_pref("CT2843456.MCDetectTooltipHeight", "83");
user_pref("CT2843456.MCDetectTooltipShow", false);
user_pref("CT2843456.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2843456.MCDetectTooltipWidth", "295");
user_pref("CT2843456.MyStuffEnabledAtInstallation", true);
user_pref("CT2843456.RadioLastCheckTime", "0");
user_pref("CT2843456.RadioLastUpdateIPServer", "0");
user_pref("CT2843456.RadioLastUpdateServer", "0");
user_pref("CT2843456.RadioShrinked", "shrinked");
user_pref("CT2843456.SHRINK_TOOLBAR", 0);
user_pref("CT2843456.SearchBackToDefaultEngine", false);
user_pref("CT2843456.SearchBoxWidth", 150);
user_pref("CT2843456.SearchEngineBeforeUnload", "Bigpoint Games DE Customized Web Search");
user_pref("CT2843456.SearchFromAddressBarIsInit", true);
user_pref("CT2843456.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&q=");
user_pref("CT2843456.SearchInNewTabEnabled", true);
user_pref("CT2843456.SearchInNewTabIntervalMM", 1440);
user_pref("CT2843456.SearchInNewTabLastCheckTime", "Thu Sep 22 2011 06:28:22 GMT+0200");
user_pref("CT2843456.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2843456.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2843456.SearchInNewTabUserEnabled", false);
user_pref("CT2843456.SearchProtectorEnabled", true);
user_pref("CT2843456.SearchProtectorToolbarDisabled", false);
user_pref("CT2843456.ServiceMapLastCheckTime", "Thu Sep 22 2011 06:28:22 GMT+0200");
user_pref("CT2843456.SettingsLastCheckTime", "Thu Sep 22 2011 06:28:21 GMT+0200");
user_pref("CT2843456.SettingsLastUpdate", "1311168832");
user_pref("CT2843456.ThirdPartyComponentsInterval", 504);
user_pref("CT2843456.ThirdPartyComponentsLastCheck", "Sat Sep 03 2011 10:30:26 GMT+0200");
user_pref("CT2843456.ThirdPartyComponentsLastUpdate", "1255348257");
user_pref("CT2843456.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2843456");
user_pref("CT2843456.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2843456.UserID", "UN20745085325844026");
user_pref("CT2843456.ValidationData_Search", 2);
user_pref("CT2843456.ValidationData_Toolbar", 2);
user_pref("CT2843456.alertChannelId", "1235508");
user_pref("CT2843456.backendstorage.bigpoint.alertsent", "66616C7365");
user_pref("CT2843456.components.129343781516544078", true);
user_pref("CT2843456.components.129363610551587824", false);
user_pref("CT2843456.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2843456.globalFirstTimeInfoLastCheckTime", "Thu Sep 22 2011 06:28:22 GMT+0200");
user_pref("CT2843456.homepageProtectorEnableByLogin", true);
user_pref("CT2843456.initDone", true);
user_pref("CT2843456.isAppTrackingManagerOn", true);
user_pref("CT2843456.myStuffEnabled", true);
user_pref("CT2843456.myStuffPublihserMinWidth", 400);
user_pref("CT2843456.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2843456.myStuffServiceIntervalMM", 1440);
user_pref("CT2843456.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2843456.oldAppsList", "129343781516075326,129343781516387827,111,129343781516544078,129363610551587824,129408511414388383,1000034,1000080,1000082,1000234,1000515,
user_pref("CT2843456.searchProtectorDialogDelayInSec", 10);
user_pref("CT2843456.searchProtectorEnableByLogin", true);
user_pref("CT2843456.testingCtid", "");
user_pref("CT2843456.toolbarAppMetaDataLastCheckTime", "Thu Sep 22 2011 06:28:22 GMT+0200");
user_pref("CT2843456.toolbarContextMenuLastCheckTime", "Wed Sep 14 2011 22:40:33 GMT+0200");
user_pref("CT2843456.usageEnabled", false);
user_pref("CT2843456.usagesFlag", 2);
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1235508/1231181/DE", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2843456", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=de-de", "oIwsta2spzadhjRgiY1Nhw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=de-de", "WiZSpHJzJ/uTUKvfHHyj/w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=de-de", "9H/gICSaMqbmx+Gd+8W4Sg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=de-de", "eJfMrdrGnhGHiiPiYjgAww==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"807dc126dd28cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.0.12", "\"8028f138140cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"80ee9485875dcc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2843456", "\"634515122457000000\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634333631231730000\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634293235860000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634335443890000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2010 4:33:06 PM", "634303635100000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/2011 12:59:49 PM", "634339976460000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2843456&octid=CT2843456", "\"1311168832\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2843456/CT2843456", "\"1311168832\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"634515953213470000\"");
user_pref("CommunityToolbar.EngineHiddenByUser", false);
user_pref("CommunityToolbar.EngineOwner", "");
user_pref("CommunityToolbar.EngineOwnerGuid", "{0e3dbc69-a682-48da-84e1-82c63a5d678e}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "bigpoint_games_de");
user_pref("CommunityToolbar.IsEngineShown", true);
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Katrin\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\5vb97e43.default\\conduitCommon\\modules\\3.6.0.10");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
user_pref("CommunityToolbar.OriginalEngineOwner", "CT2843456");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{0e3dbc69-a682-48da-84e1-82c63a5d678e}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bigpoint_games_de");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "CT2843456");
user_pref("CommunityToolbar.ToolbarsList2", "CT2843456");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Mar 23 2011 06:16:29 GMT+0100");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 12:04:00 GMT+0200");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 19:12:28 GMT+0200");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "3cbb9fa6-4a18-4638-bd9d-7e6c3ef712fd");
user_pref("CommunityToolbar.globalUserId", "f30029b6-2752-4038-80bb-5059f6428872");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.killedEngine", true);
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Sep 15 2011 20:14:22 GMT+0200");
user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Sep 22 2011 06:28:30 GMT+0200");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Sep 22 2011 06:28:22 GMT+0200");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "eb737dc2-db62-4c94-8e45-d9782936c2e3");
user_pref("CommunityToolbar.undefined", "");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.defaultthis.engineName", "Bigpoint Games DE Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q=");
user_pref("extensions.engine@conduit.com.install-event-fired", true);
user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Emptied folder: C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\5vb97e43.default\minidumps [175 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.05.2013 at 9:28:12,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AdwCleaner Code:
# AdwCleaner v2.300 - Datei am 09/05/2013 um 09:36:19 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Katrin - KATRIN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Katrin\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\5vb97e43.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
Datei Gelöscht : C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\5vb97e43.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\5vb97e43.default\searchplugins\icqplugin.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\Katrin\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\5vb97e43.default\Conduit
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\5vb97e43.default\prefs.js
Gelöscht : user_pref("CT2843456.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gelöscht : user_pref("CT2843456.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1235508/1231181/DE", "\"0\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2843456", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2843456",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2843456&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2843456/CT2843456[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Katrin\\AppData\\Roaming\\Mozilla\\[...]
Gelöscht : user_pref("extentions.y2layers.installId", "acbf0aa5-2cfc-4f14-8d32-896e42d0616a");
Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Gelöscht : user_pref("icqtoolbar.defSearchChange", true);
Gelöscht : user_pref("icqtoolbar.displayHistory", false);
Gelöscht : user_pref("icqtoolbar.engineVerified", false);
Gelöscht : user_pref("icqtoolbar.geolastmodified", 1320783289);
Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_def[...]
Gelöscht : user_pref("icqtoolbar.hpChange", true);
Gelöscht : user_pref("icqtoolbar.icqgeo", 49);
Gelöscht : user_pref("icqtoolbar.installTime", "1320690803");
Gelöscht : user_pref("icqtoolbar.newtab_state", "1");
Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Gelöscht : user_pref("icqtoolbar.previousFFVersion", "8.0");
Gelöscht : user_pref("icqtoolbar.searchOnDrop", false);
Gelöscht : user_pref("icqtoolbar.showAds", false);
Gelöscht : user_pref("icqtoolbar.showVoucher", false);
Gelöscht : user_pref("icqtoolbar.shownElements", "");
Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Gelöscht : user_pref("icqtoolbar.suggestions", false);
Gelöscht : user_pref("icqtoolbar.uniqueID", "131763459113176347111317752663127");
Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1320782776);
Gelöscht : user_pref("icqtoolbar.userHpApproved", true);
Gelöscht : user_pref("icqtoolbar.version", "1.3.6");
Gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
Gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
*************************
AdwCleaner[S1].txt - [12809 octets] - [09/05/2013 09:36:19]
########## EOF - C:\AdwCleaner[S1].txt - [12870 octets] ##########
OTL Code:
OTL logfile created on: 09.05.2013 09:42:56 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katrin\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,26% Memory free
5,99 Gb Paging File | 4,04 Gb Available in Paging File | 67,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 15,61 Gb Free Space | 16,00% Space Free | Partition Type: NTFS
Drive D: | 368,11 Gb Total Space | 163,82 Gb Free Space | 44,50% Space Free | Partition Type: NTFS
Drive E: | 5,04 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive M: | 3,69 Gb Total Space | 2,18 Gb Free Space | 59,22% Space Free | Partition Type: FAT32
Computer Name: KATRIN-PC | User Name: Katrin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Katrin\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)
PRC - D:\Spiele\Steam\Steam.exe (Valve Corporation)
PRC - C:\Programme\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Katrin\AppData\Roaming\ICQM\icq.exe (ICQ)
PRC - C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
PRC - C:\Users\Katrin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Programme\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft Inc.)
PRC - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe ( )
PRC - C:\Programme\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Programme\AAVUpdateManager\aavus.exe ()
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Lexmark X1100 Series\LXBKbmgr.exe (Lexmark International, Inc.)
PRC - C:\Programme\Lexmark X1100 Series\LXBKbmon.exe (Lexmark International, Inc.)
PRC - C:\Windows\System32\lxbkcoms.exe ( )
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Windows\System32\lxsupmon.exe (Lexmark)
========== Modules (No Company Name) ==========
MOD - D:\Spiele\Steam\bin\chromehtml.dll ()
MOD - D:\Spiele\Steam\SDL2.dll ()
MOD - D:\Spiele\Steam\bin\libcef.dll ()
MOD - C:\Users\Katrin\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll ()
MOD - C:\Users\Katrin\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Programme\Autodesk\Autodesk Sync\qca_Ad_2.dll ()
MOD - C:\Programme\Autodesk\Autodesk Sync\QJson.dll ()
MOD - C:\Programme\Autodesk\Autodesk Sync\qoauth_Ad_1.dll ()
MOD - C:\Programme\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - D:\Spiele\Steam\bin\avcodec-53.dll ()
MOD - D:\Spiele\Steam\bin\avformat-53.dll ()
MOD - D:\Spiele\Steam\bin\avutil-51.dll ()
MOD - C:\Users\Katrin\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\Maps\R66Api.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MOD - C:\Programme\HTC\HTC Sync 3.0\sqlite3.7.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\sqlite3.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\htcDetect.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\htcDetectLegend.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\htcDisk.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\OutputLog.dll ()
MOD - C:\Programme\HTC\HTC Sync 3.0\fdHttpd.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\RBScript.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\XML.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\CGamma.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\Shell.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\CSensor.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\MBSRegistrationPlugin16724.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\MBSPluginVersionPlugin16724.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\RegEx.dll ()
MOD - C:\Programme\Datacolor\Spyder4Pro\Utility\SpyderUtility Libs\Appearance Pak.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Programme\Launch Manager\VistaVol.dll ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
========== Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software LLC)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_ca0e279.dll ()
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (ADExchange) -- C:\Programme\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft Inc.)
SRV - (Autodesk Content Service) -- C:\Programme\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (afcdpsrv) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (Sony Ericsson PCCompanion) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (IGBASVC) -- C:\Programme\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (AAV UpdateService) -- C:\Programme\AAVUpdateManager\aavus.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Autodesk Network Licensing Service) -- C:\Programme\Common Files\Autodesk Shared\Service\AdskNetSrv.exe (Autodesk, Inc.)
SRV - (lxbk_device) -- C:\Windows\System32\lxbkcoms.exe ( )
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (PalmUSBD) -- system32\drivers\PalmUSBD.sys File not found
DRV - (EagleNT) -- C:\Windows\system32\drivers\EagleNT.sys File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman273) -- C:\Windows\System32\drivers\tdrpm273.sys (Acronis)
DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis)
DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (Spyder4) -- C:\Windows\System32\drivers\dccmtr.sys (Datacolor)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (athrusb) -- C:\Windows\System32\drivers\athrusb.sys (Atheros Communications, Inc.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (a016obex) -- C:\Windows\System32\drivers\a016obex.sys (MCCI Corporation)
DRV - (a016mdm) -- C:\Windows\System32\drivers\a016mdm.sys (MCCI Corporation)
DRV - (a016mgmt) -- C:\Windows\System32\drivers\a016mgmt.sys (MCCI Corporation)
DRV - (a016mdfl) -- C:\Windows\System32\drivers\a016mdfl.sys (MCCI Corporation)
DRV - (a016bus) -- C:\Windows\System32\drivers\a016bus.sys (MCCI Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (SaiU04E5) -- C:\Windows\System32\drivers\SaiU04E5.sys (Saitek)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 74 1F 5F F9 10 8A CD 01 [binary data]
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
IE - HKU\S-1-5-21-1357266564-1700977391-3456179355-1003\..\SearchScopes,DefaultScope =
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: exif_viewer%40mozilla.doslash.org:2.00
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {0e3dbc69-a682-48da-84e1-82c63a5d678e}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Katrin\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.12 19:35:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.12 19:35:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.12 19:35:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.12 19:35:23 | 000,000,000 | ---D | M]
[2010.08.14 21:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrin\AppData\Roaming\mozilla\Extensions
[2013.05.09 09:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrin\AppData\Roaming\mozilla\Firefox\Profiles\5vb97e43.default\extensions
[2013.04.16 22:48:17 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Katrin\AppData\Roaming\mozilla\Firefox\Profiles\5vb97e43.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012.08.27 22:47:59 | 000,230,013 | ---- | M] () (No name found) -- C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\5vb97e43.default\extensions\exif_viewer@mozilla.doslash.org.xpi
[2013.05.08 20:23:28 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\5vb97e43.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.12 19:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.04.12 19:35:21 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 19:35:28 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.01 21:38:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 06:27:18 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.01 21:38:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.01 21:38:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.01 21:38:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 21:38:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LXSUPMON] C:\Windows\System32\LXSUPMON.EXE (Lexmark)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [SAOB Monitor] C:\Programme\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000..\Run: [Akamai NetSession Interface] C:\Users\Katrin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000..\Run: [ICQ] C:\Users\Katrin\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000..\Run: [PlayNC Launcher] File not found
O4 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000..\Run: [Steam] D:\Spiele\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1357266564-1700977391-3456179355-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A2A94A4-1A54-4005-8E7C-7B87CBD276CA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E13008B-5EF2-4B4C-AB1B-9F34FC01C7D9}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57B92968-878E-4F92-A398-951B78A12D32}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.04.22 23:17:14 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4ec2a10c-8602-11e1-90aa-00a0d1ae33ba}\Shell - "" = AutoRun
O33 - MountPoints2\{4ec2a10c-8602-11e1-90aa-00a0d1ae33ba}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.hta
O33 - MountPoints2\{85c27e4b-c710-11df-983a-00a0d1ae33ba}\Shell - "" = AutoRun
O33 - MountPoints2\{85c27e4b-c710-11df-983a-00a0d1ae33ba}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.09 09:41:55 | 000,000,000 | ---D | C] -- C:\Users\Katrin\Desktop\erledigt
[2013.05.09 09:26:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.09 09:25:55 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.24 20:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.04.24 20:06:05 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.04.24 20:06:05 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.04.24 20:06:05 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.04.22 23:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\FARO
[2013.04.22 22:51:09 | 000,000,000 | ---D | C] -- C:\Users\Katrin\Documents\Autodesk
[2013.04.22 22:47:48 | 000,000,000 | ---D | C] -- C:\Users\Katrin\Documents\Inventor Server SDK ACA 2014
[2013.04.22 21:09:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Autodesk
[2013.04.12 19:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.04.11 20:05:52 | 000,000,000 | R--D | C] -- C:\Users\Katrin\Dropbox
[2013.04.11 20:04:07 | 000,000,000 | ---D | C] -- C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.04.11 20:01:04 | 000,000,000 | ---D | C] -- C:\Users\Katrin\AppData\Roaming\Dropbox
[2013.04.10 23:03:01 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.10 23:03:00 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.10 23:03:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.04.10 23:03:00 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.10 23:02:59 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.10 23:02:59 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.10 23:02:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.04.10 23:02:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.04.10 23:02:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.04.10 23:02:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.04.10 20:53:13 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.10 20:53:07 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.10 20:53:06 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.10 20:53:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.10 20:52:58 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.04.10 20:52:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.04.09 22:42:19 | 000,000,000 | ---D | C] -- C:\Users\Katrin\4.0
[2013.04.09 22:42:18 | 000,000,000 | ---D | C] -- C:\Users\Katrin\.tfo4
========== Files - Modified Within 30 Days ==========
[2013.05.09 09:45:47 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.09 09:45:47 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.09 09:38:35 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.09 09:37:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.09 09:37:50 | 2413,531,136 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.08 22:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.08 22:38:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.08 06:51:50 | 000,034,641 | ---- | M] () -- C:\Users\Katrin\Desktop\server.jpg
[2013.05.07 23:39:31 | 000,000,176 | ---- | M] () -- C:\Users\Katrin\defogger_reenable
[2013.05.05 10:48:27 | 000,698,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.05 10:48:27 | 000,652,934 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.05 10:48:27 | 000,149,016 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.05 10:48:27 | 000,121,866 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.04.26 19:18:14 | 000,016,088 | ---- | M] () -- C:\Users\Katrin\Desktop\Hochzeitskosten.ods
[2013.04.23 06:24:48 | 000,380,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.04.22 23:17:22 | 000,001,752 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk ReCap.lnk
[2013.04.22 23:04:54 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk 360.lnk
[2013.04.22 22:52:09 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD Architecture 2014 (D A CH) - Deutsch (German).lnk
[2013.04.18 06:52:39 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.04.18 06:52:39 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.04.14 19:07:20 | 000,107,125 | ---- | M] () -- C:\Users\Katrin\Desktop\tische.jpg
[2013.04.13 11:19:28 | 000,010,060 | ---- | M] () -- C:\Users\Katrin\Desktop\tage.odt
[2013.04.11 20:05:52 | 000,001,041 | ---- | M] () -- C:\Users\Katrin\Desktop\Dropbox.lnk
[2013.04.11 20:04:26 | 000,001,051 | ---- | M] () -- C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
========== Files Created - No Company Name ==========
[2013.05.08 06:51:50 | 000,034,641 | ---- | C] () -- C:\Users\Katrin\Desktop\server.jpg
[2013.05.07 23:39:09 | 000,000,176 | ---- | C] () -- C:\Users\Katrin\defogger_reenable
[2013.04.22 23:17:22 | 000,001,752 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk ReCap.lnk
[2013.04.22 23:04:54 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk 360.lnk
[2013.04.22 22:52:09 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD Architecture 2014 (D A CH) - Deutsch (German).lnk
[2013.04.14 19:07:20 | 000,107,125 | ---- | C] () -- C:\Users\Katrin\Desktop\tische.jpg
[2013.04.11 20:05:52 | 000,001,041 | ---- | C] () -- C:\Users\Katrin\Desktop\Dropbox.lnk
[2013.04.11 20:04:26 | 000,001,051 | ---- | C] () -- C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.03.09 16:52:54 | 000,000,846 | ---- | C] () -- C:\Users\Katrin\.recently-used.xbel
[2012.06.24 21:40:52 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.11.22 07:51:31 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI
[2011.09.20 19:50:02 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011.08.02 13:51:10 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.07.06 16:15:25 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.06.30 11:58:27 | 000,007,601 | ---- | C] () -- C:\Users\Katrin\AppData\Local\Resmon.ResmonCfg
[2011.05.29 17:00:59 | 000,000,093 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011.05.29 17:00:08 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
[2011.05.29 17:00:08 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
[2011.05.29 17:00:08 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
[2011.05.29 17:00:07 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
[2011.05.29 17:00:07 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
[2011.05.29 17:00:07 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
[2011.05.29 17:00:07 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
[2011.05.29 17:00:07 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
[2011.05.29 17:00:07 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
[2011.05.29 17:00:07 | 000,537,256 | ---- | C] ( ) -- C:\Windows\System32\lxbkcoms.exe
[2011.05.29 17:00:07 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
[2011.05.29 17:00:07 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
[2011.05.29 17:00:07 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
[2011.05.29 17:00:07 | 000,385,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkih.exe
[2011.05.29 17:00:07 | 000,381,608 | ---- | C] ( ) -- C:\Windows\System32\lxbkcfg.exe
[2011.05.29 17:00:07 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
[2011.05.29 17:00:07 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
[2011.05.26 06:36:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010.10.04 09:16:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
OTL Extras Code:
OTL Extras logfile created on: 09.05.2013 09:42:56 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katrin\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,26% Memory free
5,99 Gb Paging File | 4,04 Gb Available in Paging File | 67,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 15,61 Gb Free Space | 16,00% Space Free | Partition Type: NTFS
Drive D: | 368,11 Gb Total Space | 163,82 Gb Free Space | 44,50% Space Free | Partition Type: NTFS
Drive E: | 5,04 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive M: | 3,69 Gb Total Space | 2,18 Gb Free Space | 59,22% Space Free | Partition Type: FAT32
Computer Name: KATRIN-PC | User Name: Katrin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1357266564-1700977391-3456179355-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E00A9B-1289-4294-A51D-8DA7DD9F0738}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{03BED015-43DD-4414-A85A-79F587E8FE3E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0CE3E836-A4E6-4550-AFB7-AD5D636F8E3B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{175C9648-D8DC-4D7B-B23B-74DE1847E1CC}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{1F900EC1-023D-4988-80E9-3E13EC305908}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{22CD67FC-BA93-4DFA-BD9A-0988AFEAE2DD}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{24E4612D-390C-4424-8B06-C6F3DE5CE048}" = lport=137 | protocol=17 | dir=in | app=system |
"{378FB7FC-7377-44AE-BDF3-014319C9441C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A2740A8-03ED-4D68-B12C-2ABCD3EF8D8E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{519E5E49-DC51-452D-B63D-AEAB86136C56}" = rport=137 | protocol=17 | dir=out | app=system |
"{557E45E6-D0FC-46F0-BAD8-D76C24A13B06}" = lport=138 | protocol=17 | dir=in | app=system |
"{55858CC0-7EB2-4FF4-BE2A-FB213883D150}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{66B35406-4B92-4766-8ABB-537943DF59F1}" = lport=445 | protocol=6 | dir=in | app=system |
"{6A4901C7-054A-43BC-8DF0-62E818052145}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6BF2DA56-96D5-4AC0-BBE8-66641A929D58}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{739E4F0C-BD32-4908-994D-B204C7CEACDF}" = rport=138 | protocol=17 | dir=out | app=system |
"{74C2E770-65C8-46F8-9E24-BCBA9F063710}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7736324C-FB7B-4CD7-AE27-FFB4F19981BB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8D53A542-4B69-4BCE-B245-16A066B5BF46}" = rport=139 | protocol=6 | dir=out | app=system |
"{8FFC5082-A8EE-43BC-A96B-CD8F97449A16}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C1EC5B9-C41D-4E37-9BBD-39695EDE673A}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{AA19A9E8-E530-426B-8E72-2FF2B586C4EB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF3F719C-AA7D-4585-9C05-3CA5E6020175}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B3581DC0-1959-4912-BDC3-14490B982EF7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B7CA2F52-A477-4160-936C-A2B442DD03A8}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CDEE3E52-5FC3-46FE-8D36-BB675F9B3E44}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{D831D829-DC5E-4910-8219-3ABF62CEEC66}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D8CB75BA-5AB7-41D8-A897-E9D75AF1FA03}" = rport=445 | protocol=6 | dir=out | app=system |
"{D951C576-C206-4BB5-AEBF-723962BAF856}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{E1B69C71-5E7B-4D0C-880C-E17E58679F36}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E206D8EC-C59F-4C46-A396-39B8D139E6D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{E7A22F05-0493-4E05-AEC4-2C6970C654EF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E84EC82B-D15F-4BF5-B81B-72389115ECAD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0B8B03A-9077-4B71-AA2E-4A0234748C4F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF8B754E-E9C8-41FB-8B29-5E85B376093F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FFF5A7D7-27A7-4C61-A94F-FB3024C1B260}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03CC00C4-0695-4BD9-B366-DEB339A45B9A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{043A0CFB-7DBF-4BCC-A048-A55F8E70DA52}" = protocol=6 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{0C60D25C-1E33-4D9D-B509-FF0A288C8363}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0E81B6F2-3B87-4E57-BEAA-A72396083F39}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\torchlight\torchlight.exe |
"{0FC671FD-C4BE-4389-8ABD-6960A8A33AFC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{1C5DE5B6-BDC6-4455-B4B7-861F26463676}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{1C815748-877C-439B-B112-9DD2B7DEEEA9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{1E25A0FA-1A99-4FB6-927D-51B3B9D531D4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{249A030D-97DE-471F-9DCA-D8395C94D6B5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{27E6E10E-D3BA-4F47-ACC2-469E09F2030C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{285FF534-B35D-4AB9-A257-CB2E1E4F8099}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{2BEEA9CC-E52A-4C72-BA8B-A6B02029CC75}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{2E26F134-AD08-4E0F-A7C4-7CB0E0535B62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3B7DACD8-4FA5-4208-9289-E79E28BB755B}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{3DD03E5F-5604-4167-8DFD-C632488575B2}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{45177F7B-7B3A-4902-B157-013B6CF7A0D5}" = protocol=17 | dir=in | app=c:\users\katrin\appdata\local\akamai\netsession_win.exe |
"{47D7738C-FDBD-400F-B377-8C531ED9C3EF}" = protocol=17 | dir=in | app=d:\spiele\heroes6\might & magic heroes vi.exe |
"{48DA3FFB-2637-49FB-8B4A-501DF8A790FC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{4C547133-7DD5-404B-AD8B-754CC4FFD4AB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4CC946FC-62F3-4C3D-92A7-7CE0B4EC0486}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D066940-8AFE-4080-9C98-FA6F81FA7E4D}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{51592529-E52C-419B-A43E-26BDD39E4764}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{563201D2-F6FF-4F41-9FB2-26364DDF2E7E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{5B7F4C50-7FAB-450A-A6EC-A228A653A74E}" = protocol=6 | dir=in | app=c:\users\katrin\appdata\local\akamai\netsession_win.exe |
"{5E7EF097-2051-4394-9C8B-779132E46AE6}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5E99D301-90D0-4DFC-AE64-460C6B63153A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{5FD413E2-729D-44EA-BBB3-B5E93BFCFBF7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{60174EA9-F25A-4FFE-B8A1-C0489A5776B8}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6087FC8C-CD1A-4E4D-8D80-0CBB4147C462}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{65FA9DFD-2BB2-46C2-BA23-D3993E02B974}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{6F33BBC3-AB20-47A7-9149-441A24073DEF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"{744C311E-7989-4A9D-8042-8191962C0BCC}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{7CF86EAF-04BD-4FAD-B99E-52E7C6E667BB}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\torchlight\torchlight.exe |
"{7D876350-9824-4312-9C43-9D86A0B6F71A}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{7F29FA09-4BA3-446A-9F8C-5373BF07DB0C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{821F660A-00E4-4D54-A6C0-8F1BDECBA96D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{87249A82-DB5B-41A6-8583-AE9D2656D1DD}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{8C157D4D-41A8-4E34-9FAE-8F79662FC33A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8C983312-72FA-4517-A4E0-2709F737CA78}" = protocol=6 | dir=in | app=d:\spiele\two worlds ii\twoworlds2.exe |
"{8F7CFBDD-86BA-4B48-A241-258986E6000B}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{9058FA69-5F1D-4E69-8941-41DEB661E89A}" = protocol=6 | dir=in | app=d:\spiele\warhammer\chaos\warhammer.exe |
"{95EF8F80-ADF8-48A6-AE77-A1569E7DD041}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97074050-088C-4702-A474-23ACD5B2E745}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9997F82A-1B9E-4606-BD54-AFF4A28F245E}" = protocol=6 | dir=out | app=system |
"{A584E55C-E337-4C98-9A87-E14991BF4ED4}" = protocol=17 | dir=in | app=c:\program files\icq7.6\icq.exe |
"{A62F5C5D-E937-49FE-BC35-0F8CCE1F950F}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{A6C50C83-6ED7-46EA-8678-B79EEAC63882}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{A8571DEA-326C-4F7E-BF5F-F06E4CA2D674}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A9ECFCE0-FE8C-4DE5-B1FC-A497505EEBBC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{ABE86152-E27E-4A19-B2B4-922334C9F7D7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{ADD84C17-120D-41D3-A366-787260E6760E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B0800081-FAB1-4030-8E65-7CF130AF049B}" = protocol=6 | dir=in | app=d:\spiele\heroes6\might & magic heroes vi.exe |
"{BDC153BB-F355-47BA-9ED7-163A2269E5AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BF787F58-A803-43DA-A4E6-ED168BF513BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BFE33FBA-4183-4E14-BD27-3DD6669EAB95}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C154981F-519B-4341-B590-DE0DA72B99AF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi - game official demo\might & magic heroes vi.exe |
"{C4F20991-274D-4A35-A202-E3FA54B95480}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"{C5910CAD-0FBB-45D3-AF5B-7465D9CD728A}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{C8F72A0B-43AD-43B9-AC8A-EB77C24E8DEE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C9265749-CBBC-43AE-B9E3-DA972C5E821D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CEBAA838-4A82-4CFB-8100-52ADBF0B867C}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{D0873920-207B-4108-8B3D-73BED91285C8}" = protocol=6 | dir=in | app=c:\users\katrin\appdata\roaming\icqm\icq.exe |
"{D0CE0C17-BC20-4A78-82B8-B1BB3BC06EA7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D1D16721-A9D9-4960-933B-76F6AA34E5BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D48263B1-8537-4F2A-B99C-F298936026E6}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe |
"{DA598059-F597-4FE5-AD6E-77130C39EFE5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DAC336DE-9AE6-4901-B623-459A4E44A360}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DBB97C59-88A3-4292-A4A8-41DEE797469F}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{DCE5208F-3086-4987-9687-B639FD11F903}" = protocol=17 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi - game official demo\might & magic heroes vi.exe |
"{DDBC5293-B594-415E-BD26-8251AF1EDC96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DF4C0356-2AF2-4EB1-99D4-132BA60BE358}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E2E45E86-B4A4-4866-B5D8-D29D6EFF2496}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{E9F7449F-995F-4999-9185-CE42533362AA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{EBB8D226-E8D7-4CD4-BB0D-8C1DAD36FE15}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EFF59531-BBE3-4520-94E5-D12FF5D46419}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe |
"{F343FCB9-940B-462F-BB62-6CE73EE96FA5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{F76D7F92-5815-4ACF-AC5A-DFF7CDFAC688}" = protocol=17 | dir=in | app=d:\spiele\warhammer\chaos\warhammer.exe |
"{F8FDBF08-0318-498D-974B-83F0E5AF408A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F91D7A35-5F21-485C-B6BB-C8D39B8877D6}" = protocol=17 | dir=in | app=c:\users\katrin\appdata\roaming\icqm\icq.exe |
"{F92C7967-11E9-4D3E-8213-174C1F1BC150}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{F9F93BBA-B6DB-4D6F-9B22-61BEAD942F6B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{FD363874-8487-4D65-AA58-E47CD7A35C94}" = protocol=17 | dir=in | app=d:\spiele\two worlds ii\twoworlds2.exe |
"{FE70799B-13D2-47B4-9A24-E267099DD8C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FEB62EF0-88DB-4DEF-876E-F7595BF7FB36}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{A28E8CB8-360E-4664-96EC-F7312011B228}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{D748F74A-BEF8-4432-8619-ACC18FBE4876}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"TCP Query User{FDDCFDF3-5A5A-4537-9EE9-7CC6824A713F}C:\program files\palmone\hotsync.exe" = protocol=6 | dir=in | app=c:\program files\palmone\hotsync.exe |
"UDP Query User{05FC1350-375F-434F-946D-0A6FAF0F09EE}C:\program files\palmone\hotsync.exe" = protocol=17 | dir=in | app=c:\program files\palmone\hotsync.exe |
"UDP Query User{5027B8D8-85A4-4496-8FF6-0EE9B4B3360B}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{C0823F5D-EC11-4730-9DFE-FB5BC2065DD5}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{166FCF01-AC98-4288-A01C-90BEB808C059}" = Sony RAW Driver
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1CC7263A-9A5E-4EFB-9BB8-67642D10FA7C}" = Steuer-Sparer 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{31ABA3F2-0000-1033-0002-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0002-111D43815377}" = Autodesk ReCap Language Pack-English
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}" = Autodesk Revit Architecture 2011
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4C642BF2-C083-4C00-B832-48BA1CBB08D8}" = SONIC MEGA COLLECTION PLUS
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-D004-0000-0002-0060B0CE6BBA}" = AutoCAD Architecture 2014 - Deutsch (German)
"{5783F2D7-D004-0407-1002-0060B0CE6BBA}" = AutoCAD Architecture 2014 Language Pack - Deutsch
"{5783F2D7-D004-0407-2002-0060B0CE6BBA}" = AutoCAD Architecture 2014 - Deutsch (German)
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81bb308b-5686-4d22-a770-ff0cb5e9ab69}" = Nero 9
"{82C1E6E4-6718-4EFD-9DCC-E276D690EF46}" = Autodesk Inventor Fusion Plugin for AutoCAD 2013
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A7D0970-C0A4-4B56-94D4-E3A175AB45BB}" = ArcSoft Panorama Maker 6
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A024B9E5-7702-4556-A7BF-A04BFF2DE5D8}" = Might & Magic Heroes VI - Game Official Demo
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.3
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{ABC91C39-266D-4042-828E-4386E0F25218}" = Warhammer® Mark of Chaos™ - Battle March™ GOLD
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA6F726E-AA8D-492A-B18A-A5945C337FCE}" = Adobe Photoshop Lightroom 4.4
"{FE2F4875-095C-427C-9A97-4F8DE05ACF22}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2013
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFF5619F-2013-0032-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"AutoCAD Architecture 2014 - Deutsch (German)" = Autodesk AutoCAD Architecture 2014 - Deutsch (German)
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Fusion Plugin for AutoCAD 2013" = Autodesk Inventor Fusion plug-in for AutoCAD 2013
"Autodesk ReCap" = Autodesk ReCap
"Autodesk Revit Architecture 2011" = Autodesk Revit Architecture 2011
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Heroes of Might and Magic II Gold" = Heroes(TM) II Gold
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"Lexmark X1100 Series" = Lexmark X1100 Series
"LManager" = Launch Manager
"MFO_is1" = MFO 1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotomatixPro4.0x32_is1" = Photomatix Pro version 4.0.2
"PhotoScape" = PhotoScape
"Spyder4Pro" = Spyder4Pro
"Steam App 200710" = Torchlight II
"Steam App 201060" = DUNGEONS - The Dark Lord (Steam Special Edition) Demo
"Steam App 203970" = Kingdoms of Amalur: Reckoning Demo
"Steam App 41500" = Torchlight
"Steam App 49470" = Magic: The Gathering — Duels of the Planeswalkers 2012
"Steam App 56400" = Warhammer® 40,000®: Dawn of War® II – Retribution™
"Steam App 72850" = The Elder Scrolls V: Skyrim
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Two Worlds II" = Two Worlds II
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.8
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1357266564-1700977391-3456179355-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"ICQ" = ICQ 8.0 (build 6007, für aktuellen Benutzer)
"NCsoft-AionEU" = Aion
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
< End of report >
|
Lesestoff:
AdwCleaner auf deinen Desktop.
Textbox. 