Anbei die weiteren Logfiles: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 8 Pro with Media Center x64
Ran by J”rg on 23.07.2013 at 19:01:08,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\Users\J”rg\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\J”rg\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\adawaretb"
~~~ FireFox
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\user.js
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\invalidprefs.js
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\searchplugins\delta.xml
Successfully deleted the following from C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\prefs.js
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "de");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "08ccd81d0000000000000019db4de425");
user_pref("extensions.delta.instlDay", "15884");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.51:45:01");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=121562&tt=250613_gr3&tsp=4927");
user_pref("extensions.delta_i.srcExt", "ss");
Emptied folder: C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\minidumps [153 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.07.2013 at 19:06:16,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
# AdwCleaner v2.306 - Datei am 23/07/2013 um 19:10:05 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center (64 bits)
# Benutzer : Jörg - HAUPTRECHNER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jörg\Desktop\adwcleaner(1).exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5be8d8ae034ed15
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\i3zbyxt5.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.72
Datei : C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v12.16.1860.0
Datei : C:\Users\Jörg\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R2].txt - [1436 octets] - [23/07/2013 19:09:19]
AdwCleaner[S1].txt - [5128 octets] - [30/05/2013 19:58:39]
AdwCleaner[S2].txt - [1369 octets] - [23/07/2013 19:10:05]
########## EOF - C:\AdwCleaner[S2].txt - [1429 octets] ########## Code:
OTL logfile created on: 23.07.2013 19:21:57 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jörg\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 4,68 Gb Available Physical Memory | 78,01% Memory free
6,94 Gb Paging File | 5,51 Gb Available in Paging File | 79,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 96,08 Gb Total Space | 28,04 Gb Free Space | 29,19% Space Free | Partition Type: NTFS
Drive D: | 31,07 Gb Total Space | 3,29 Gb Free Space | 10,59% Space Free | Partition Type: NTFS
Drive E: | 10,10 Gb Total Space | 10,01 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
Drive F: | 95,93 Gb Total Space | 72,36 Gb Free Space | 75,43% Space Free | Partition Type: NTFS
Drive G: | 9,77 Gb Total Space | 1,88 Gb Free Space | 19,30% Space Free | Partition Type: NTFS
Drive H: | 95,97 Gb Total Space | 36,45 Gb Free Space | 37,98% Space Free | Partition Type: NTFS
Drive I: | 30,73 Gb Total Space | 4,67 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive M: | 96,12 Gb Total Space | 8,57 Gb Free Space | 8,92% Space Free | Partition Type: NTFS
Computer Name: HAUPTRECHNER | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Jörg\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Users\Jörg\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - F:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe (Panasonic System Networks Co., Ltd. )
PRC - C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe (Panasonic System Networks Co., Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (AtherosSvc) -- C:\Windows\SysNative\AdminService.exe (Atheros Commnucations)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (Panasonic Local Printer Service) -- C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe (Panasonic System Networks Co., Ltd.)
SRV - (SandraAgentSrv) -- f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\RpcAgentSrv.exe (SiSoftware)
========== Driver Services (SafeList) ==========
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (ThreatTrack Security)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\Drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (VMparport) -- C:\Windows\SysNative\Drivers\VMparport.sys (VMware, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\Drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\Drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\Drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\Drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\Drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (hcw88vid) -- C:\Windows\SysNative\Drivers\hcw88vid.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (HCW88TSE) -- C:\Windows\SysNative\Drivers\hcw88tse.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (hcw88bda) -- C:\Windows\SysNative\Drivers\hcw88bda.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (HCW88XBAR) -- C:\Windows\SysNative\Drivers\hcw88bar.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HCW88AUD) -- C:\Windows\SysNative\Drivers\hcw88aud.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (hcw88rc5) -- C:\Windows\SysNative\Drivers\hcw88rc5.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (vsock) -- C:\Windows\SysNative\Drivers\vsock.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\Drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\Drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmusb) -- C:\Windows\SysNative\Drivers\vmusb.sys (VMware, Inc.)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (AthDfu) -- C:\Windows\SysNative\Drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV - (SANDRA) -- f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\WNt500x64\sandra.sys (SiSoftware)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 6E 16 66 0C 60 CA 01 [binary data]
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 84.72.71.92:80
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1004\..\SearchScopes,DefaultScope =
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jörg\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jörg\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.10.31 01:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Extensions
[2013.07.16 00:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\i3zbyxt5.default\extensions
[2013.07.16 00:05:27 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\i3zbyxt5.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.11.03 14:13:29 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\i3zbyxt5.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2013.07.02 13:52:42 | 000,699,333 | ---- | M] () (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2013.07.13 00:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.13 00:38:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\JöRG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I3ZBYXT5.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://paules-pc-forum.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jrg\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - Extension: Google Drive = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Panasonic Device Manager for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe (Panasonic System Networks Co., Ltd. )
O4 - HKLM..\Run: [Panasonic PCFAX for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe (Panasonic System Networks Co., Ltd. )
O4 - HKLM..\Run: [PDFPrint] f:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001..\Run: [SkyDrive] C:\Users\Jörg\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: elsteronline.de ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: ms-clip.de ([]* in Local intranet)
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: ms-clip.de ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: ms-communities.de ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3682892E-15E3-424C-8968-033324A82FE8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999.10.29 22:28:02 | 000,000,037 | ---- | M] () - M:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.23 19:18:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL(1).exe
[2013.07.23 19:01:04 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.23 18:59:57 | 000,560,934 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Jörg\Desktop\JRT.exe
[2013.07.20 21:30:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.17 19:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013.07.17 00:08:38 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2013.07.17 00:08:36 | 006,987,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.07.17 00:08:36 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.07.17 00:08:36 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013.07.17 00:08:36 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2013.07.17 00:08:35 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2013.07.17 00:08:35 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.07.17 00:08:34 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2013.07.17 00:08:34 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013.07.17 00:08:34 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013.07.17 00:08:31 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013.07.17 00:08:31 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013.07.17 00:08:31 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.07.17 00:08:30 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013.07.17 00:08:30 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2013.07.17 00:08:30 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.07.17 00:08:29 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013.07.17 00:08:29 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2013.07.17 00:08:29 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2013.07.17 00:08:28 | 000,337,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013.07.17 00:08:28 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceSetupManager.dll
[2013.07.17 00:08:28 | 000,194,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.07.17 00:08:28 | 000,125,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.07.17 00:08:28 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MbaeParserTask.exe
[2013.07.17 00:08:27 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2013.07.17 00:08:27 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2013.07.16 00:05:33 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\QuickScan
[2013.07.13 00:38:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.12 22:19:09 | 000,160,256 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysNative\drivers\ser2pl64.sys
[2013.07.12 22:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChipySuite
[2013.07.12 22:18:08 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctapisbp_s.dll
[2013.07.12 22:18:08 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctapisbp_s.dll
[2013.07.12 22:18:08 | 000,016,128 | ---- | C] (Becker & Partner) -- C:\Windows\SysWow64\drivers\chpy_ii.sys
[2013.07.12 22:18:08 | 000,009,896 | ---- | C] (Becker & Partner GmbH, Aachen, Germany) -- C:\Windows\SysWow64\drivers\chipyubp.sys
[2013.07.12 22:18:07 | 000,090,112 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctapisbp.dll
[2013.07.12 22:18:07 | 000,090,112 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctapisbp.dll
[2013.07.12 22:18:07 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctap_ii.dll
[2013.07.12 22:18:07 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctap_ii.dll
[2013.07.12 22:18:07 | 000,077,824 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctapiubp.dll
[2013.07.12 22:18:07 | 000,077,824 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctapiubp.dll
[2013.07.12 22:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\SIMcrypt
[2013.07.10 12:01:42 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.07.10 12:01:10 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.10 12:01:10 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.10 12:00:28 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.10 12:00:24 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.10 12:00:23 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.10 12:00:22 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.10 12:00:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.10 12:00:03 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.10 12:00:02 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.06 12:55:17 | 000,000,000 | -H-D | C] -- C:\SkyDriveTemp
[2013.07.04 15:35:28 | 000,039,504 | ---- | C] (ThreatTrack Security) -- C:\Windows\SysNative\drivers\gfiark.sys
[2013.07.04 14:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013.07.04 14:29:48 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\LavasoftStatistics
[2013.07.04 14:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013.07.04 14:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2013.07.04 14:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013.07.04 14:20:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013.07.04 14:18:41 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.07.04 14:18:39 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\Ad-Aware Antivirus
[2013.07.03 23:03:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll
[2013.06.29 02:03:10 | 000,000,000 | ---D | C] -- C:\Users\Jörg\Desktop\Texte
[2013.06.29 01:09:05 | 000,000,000 | ---D | C] -- C:\PPF_Scan2
[2013.06.25 12:18:48 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.25 12:18:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.25 12:18:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.25 12:18:46 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.25 12:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
========== Files - Modified Within 30 Days ==========
[2013.07.23 19:23:02 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1080299906-672912975-2251274181-1001UA.job
[2013.07.23 19:18:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL(1).exe
[2013.07.23 19:18:03 | 001,762,134 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.23 19:18:03 | 000,758,086 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.23 19:18:03 | 000,715,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.23 19:18:03 | 000,157,840 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.23 19:18:03 | 000,134,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.23 19:15:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.23 19:13:04 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.07.23 19:12:53 | 858,509,311 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.23 19:08:21 | 000,666,633 | ---- | M] () -- C:\Users\Jörg\Desktop\adwcleaner(1).exe
[2013.07.23 18:59:41 | 000,560,934 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Jörg\Desktop\JRT.exe
[2013.07.23 18:54:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.22 11:23:42 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1080299906-672912975-2251274181-1001Core.job
[2013.07.17 22:51:23 | 000,434,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.15 20:48:59 | 000,005,632 | ---- | M] () -- C:\Users\Jörg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.13 00:38:36 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | M] () -- C:\Users\Public\Desktop\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\SIMcrypt© (Pass + PIN).lnk
[2013.07.10 02:47:47 | 000,003,029 | ---- | M] () -- C:\Users\Jörg\Desktop\Microsoft Word 2010.lnk
[2013.07.04 14:18:40 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.07.02 12:29:54 | 000,029,362 | ---- | M] () -- C:\Users\Jörg\Documents\bookmarks.html
[2013.06.28 00:04:51 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.28 00:04:51 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.25 12:18:40 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.25 12:18:37 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.25 12:18:37 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.25 12:18:37 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.25 12:18:36 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.06.25 12:18:36 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
========== Files Created - No Company Name ==========
[2013.07.23 19:08:34 | 000,666,633 | ---- | C] () -- C:\Users\Jörg\Desktop\adwcleaner(1).exe
[2013.07.17 22:51:09 | 000,434,552 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.17 00:08:38 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.07.16 03:13:30 | 000,000,345 | ---- | C] () -- C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk
[2013.07.13 00:38:36 | 000,001,168 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.07.13 00:38:36 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | C] () -- C:\Users\Public\Desktop\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\SIMcrypt© (Pass + PIN).lnk
[2013.07.10 02:47:47 | 000,003,029 | ---- | C] () -- C:\Users\Jörg\Desktop\Microsoft Word 2010.lnk
[2013.07.02 12:29:54 | 000,029,362 | ---- | C] () -- C:\Users\Jörg\Documents\bookmarks.html
[2013.04.01 20:55:26 | 000,000,022 | ---- | C] () -- C:\Users\Jörg\AppData\Roaming\CDBUTLER.INI
[2013.03.27 02:14:22 | 013,217,792 | ---- | C] () -- C:\Users\Jörg\AppData\Roaming\Sandra.mdb
[2013.03.04 01:29:39 | 000,007,597 | ---- | C] () -- C:\Users\Jörg\AppData\Local\resmon.resmoncfg
[2013.02.26 02:12:38 | 000,005,632 | ---- | C] () -- C:\Users\Jörg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.31 22:17:54 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.12.14 14:23:19 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2012.12.14 14:23:19 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2012.12.14 14:23:17 | 000,511,488 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.11.29 00:27:55 | 001,781,088 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.15 18:34:22 | 000,000,455 | ---- | C] () -- C:\Users\Jörg\clipdat2.rdf
[2012.11.02 20:37:43 | 000,000,879 | ---- | C] () -- C:\Users\Jörg\AppData\Local\recently-used.xbel
[2012.10.31 14:23:57 | 000,000,241 | ---- | C] () -- C:\Windows\PanaFLB881.ini
[2012.10.31 01:17:56 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2013.04.25 23:13:33 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.14 19:56:52 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\AceBIT
[2013.07.04 17:35:28 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Ad-Aware Antivirus
[2012.12.20 02:28:34 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Ashampoo
[2012.12.14 14:23:43 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\concept design
[2013.02.03 00:22:54 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Engelmann Media
[2012.11.19 22:26:02 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\ImgBurn
[2012.12.08 14:13:48 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\MAGIX
[2013.06.29 03:44:37 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\NetSpeedMonitor
[2012.12.18 01:56:26 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Opera
[2012.10.31 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Panasonic
[2012.12.16 16:14:58 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\pcvisit Data
[2013.07.23 15:04:45 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\QuickScan
[2013.01.04 13:39:52 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Steganos
[2012.11.30 15:47:13 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\SuperMailer
[2012.11.30 19:15:29 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\SuperMailer-Bounce
[2012.12.14 19:50:02 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Textbausteinverwaltung
[2013.04.05 00:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report > Code:
OTL Extras logfile created on: 23.07.2013 19:21:57 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jörg\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 4,68 Gb Available Physical Memory | 78,01% Memory free
6,94 Gb Paging File | 5,51 Gb Available in Paging File | 79,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 96,08 Gb Total Space | 28,04 Gb Free Space | 29,19% Space Free | Partition Type: NTFS
Drive D: | 31,07 Gb Total Space | 3,29 Gb Free Space | 10,59% Space Free | Partition Type: NTFS
Drive E: | 10,10 Gb Total Space | 10,01 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
Drive F: | 95,93 Gb Total Space | 72,36 Gb Free Space | 75,43% Space Free | Partition Type: NTFS
Drive G: | 9,77 Gb Total Space | 1,88 Gb Free Space | 19,30% Space Free | Partition Type: NTFS
Drive H: | 95,97 Gb Total Space | 36,45 Gb Free Space | 37,98% Space Free | Partition Type: NTFS
Drive I: | 30,73 Gb Total Space | 4,67 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive M: | 96,12 Gb Total Space | 8,57 Gb Free Space | 8,92% Space Free | Partition Type: NTFS
Computer Name: HAUPTRECHNER | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E773D5-130C-4D0C-BF38-F9C577E04A0B}" = rport=139 | protocol=6 | dir=out | app=system |
"{085C8CCA-0623-4A88-AC7C-04738602722F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0DA0FEC9-5EFA-42B4-AD4D-F87ECA2B461B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1EC1AAAD-702F-4AA9-96F3-B3962C409F50}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\vswinexpress.exe |
"{2E7929E8-E3D8-451D-B3EB-3BC71CA356B7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E2FE681-2605-4B30-9B6A-9C612B33BCB3}" = lport=137 | protocol=17 | dir=in | app=system |
"{5FE6DF77-378D-4FC4-9B98-CABCC4ED539D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{67AED92A-DC3A-44FF-AC03-8BAF0148F015}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A474DBF-FBF2-4BDD-A2AC-0F7238645B02}" = lport=138 | protocol=17 | dir=in | app=system |
"{7AA9B070-4EF6-4DA9-923F-37B11A814239}" = rport=138 | protocol=17 | dir=out | app=system |
"{80208E25-1904-4F73-8CC7-C67252E5DF69}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8B20B674-0904-4474-8BB8-99C926491DAD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BB047C2-8B99-473A-828D-C19D58D18454}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9D0A6018-6E24-4BBC-B263-BC5BC7C2DD23}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0258588-2498-4FC5-814A-A996B3B29D42}" = rport=137 | protocol=17 | dir=out | app=system |
"{A215772C-CA96-49FE-8C20-9878461C9ABF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5D5C2FD-B91F-4D6A-9521-2D2B210054EF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AD82DFA4-468C-4850-AAD3-9FEC162F5887}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AFF8BEB3-E562-4527-B8DA-D6DBBB5AB989}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9918E5C-8F13-48A3-BFF1-9070E9402471}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9138777-9E49-43DD-BD11-95C8B17D95D2}" = lport=139 | protocol=6 | dir=in | app=system |
"{CB64872A-76E2-4E98-BEDD-77B757130DF1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9A04BDC-B5EC-4597-8907-8698A38ABF74}" = rport=445 | protocol=6 | dir=out | app=system |
"{DD9B2329-B0A5-4A93-8314-BE31D93F643A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2D29043-DB95-44AE-AB0B-CC390E689496}" = lport=rpc | protocol=6 | dir=in | app=f:\program files\sisoftware\sisoftware sandra lite 2013.sp2\rpcagentsrv.exe |
"{E980B198-2280-47B1-9E2F-BCC72492CC75}" = lport=rpc | protocol=6 | dir=in | app=f:\program files\sisoftware\sisoftware sandra lite 2013.sp2\wnt500x64\rpcsandrasrv.exe |
"{FAA4F5DA-0657-45A4-896C-F8E4A0E127E1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FF266CF0-3FC1-4104-9F0A-AD6EF22BF623}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FF88AA37-7242-4C98-BE74-3892AFF2738D}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{049323B6-0071-4950-8328-28DC63C6C3FE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{04D7D267-C71F-468D-BB36-04FA8BEA2C5D}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{0B5B72A3-E510-4BF2-AE4F-CFCDF1804B20}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{0D379112-3228-4B74-A54F-44C880FC9233}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{0F3F38ED-939D-427E-828C-B4C29047DEE7}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{1030FA69-F555-413F-99CF-4B73FB957081}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{103D76D3-6931-45ED-B4BD-C7C87E7878E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{16A23CFB-D282-4BC5-95F2-8E7CD4B294CD}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{18B6CAB5-F5BA-4EF0-A165-6C09A0B42941}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{1BCA280E-FD6A-415E-A58D-8C47F0B4C7F2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{21B7B54D-50F8-49AC-B1A5-7B5401C730A4}" = protocol=17 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe |
"{227AF955-0A64-424A-9CD8-1D53C6361BD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{243137FB-701B-4FB8-BC01-F1749FB79046}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2577590B-D2A1-4C96-A1B3-0119B36B665B}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{277199B9-7F42-4191-8685-A4611C455497}" = dir=out | name=pc-welt |
"{30376A78-B780-41ED-A335-169D855217DF}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{34026252-604C-4736-B72A-E7730B087F03}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3944DCB5-4388-48B0-9077-7D4ECAD6DD0D}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{3B81EACF-0DD2-46F5-B8E7-A228BEC6E38B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3C680A00-1CB4-4D16-B6F8-2D01A9345E7F}" = protocol=6 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe |
"{3D66C87A-2809-4C7D-9227-AC39BD96E9E4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3DE96D56-0DF9-4F4E-897C-02081B3C85F1}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3EBBBD8C-71AD-47EA-9B39-2DEB7A37FC1C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4097E910-3A35-4781-9C57-4BA43EAE4EF6}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{40AE17D1-8C2D-41CC-8A5E-FF4E76554506}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{43158215-8062-45DF-895C-90E22CDAA3B0}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{48EED416-7738-41CE-AE7B-E4F7FE3AF0F6}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{4950CF40-A35F-4563-9167-5301A3E0D337}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4A7DE21B-52F7-49B0-BFE7-681C9AFDD015}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{4B268093-4D16-4E92-BD17-6FDC016F23DD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe |
"{4FAC4CEA-986F-41F7-9FAC-880BF9285CCF}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{551BA0C4-D830-4C2A-869F-4193813CBCCC}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{553C4BC6-0A39-4FDD-9694-F55647BCA702}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{558E81F1-B4CE-4712-834A-749A04764322}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{56D694CC-939A-4DD8-88DF-CFB2D1A26BDF}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{572A04D5-22FE-4AFC-A4FB-D6E7BDD90AF2}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{59B28AC9-9D44-49D3-BB6B-2B7BD295C5D8}" = dir=out | name=@{pons.wrterbuch_1.5.0.45_neutral__sj9sp7dbkxx8m?ms-resource://pons.wrterbuch/resources/display_name} |
"{5F05301A-0E39-45AD-9824-5E9EDE967693}" = dir=out | name=onenote |
"{60075E68-576C-491D-9425-5ECC57228E62}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{6220010E-4A17-4253-B3FF-99DE0556CE1E}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{6A34E1ED-63FB-4DBE-AE8A-97E83AC05CC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6ABF6817-CE64-407C-891A-A4B24A3803B8}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{6B2A3AC7-6FCF-43BF-9658-270F4C7221B6}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{6CE996AA-EE48-4C44-921F-1A316C417663}" = dir=out | name=meinprospekt |
"{71358B51-D198-44ED-A85F-18771ED5A0A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{768D6DF8-FA32-442F-9A27-7B81116D41AD}" = dir=out | name=golem.de |
"{77186D73-CA76-4C98-9245-DC534C6AAED5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{77A16F8F-C0B8-4BDB-A82A-8A5C78FEA690}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{77F9989B-815A-459E-AF84-09ECF20DAE9F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{781B5763-6103-433E-945B-6F796FBA4BFF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{782C4FD7-A15A-4C4F-9BDF-87F659A5AE51}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{7BA848D6-FD85-49A0-A64C-DFFB601D9EFA}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{7DFC1BB0-C860-495D-A9C3-17F3E23595C8}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{807AF245-57FC-47C7-B7EE-F15164C95421}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{84098E63-B92B-48A8-91B1-8E7BB162A04C}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{860429BB-325B-4133-B6BF-C65328B09F65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8A5C4F13-2900-4D06-9D9F-619E8BBA0947}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{8E7A9994-64F8-4526-B804-2EAFACBBA363}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F65E2B5-06B6-475D-8214-5557AADE4050}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{90A1E385-6CBA-41B4-812D-01FC8D95C625}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{94EA154F-CBDF-4C0A-A2C8-7F33AEA08DBC}" = dir=out | name=tv movie |
"{95CE23E8-F717-4908-A1D4-FFFB7743303A}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{9609B260-C638-4F4F-BF43-E8C25197FD7C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{975934A4-3AB4-466D-888F-615DA3A9ED12}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{9783D627-251D-4FCB-AA12-AF52946527E4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{99148F2C-833E-4EAB-A4A1-C39C5DE9C181}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{9B407513-3E80-4534-9374-BE6CC6357551}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{9BBD4AA1-39F9-4F03-8F0D-FD5F399AFFE3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9DE03F24-B6E5-466B-AAE5-07A2789F0580}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{A15A2AC0-524C-47FA-8CF5-32E2231BE86D}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{A568E0EA-0B9F-472F-8F3C-5A471DEF2F95}" = protocol=6 | dir=out | app=system |
"{A59F1B88-6A8D-424F-9B52-F081034B70F2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A5E54765-5A3E-4750-9FB0-B3E32ED5D5E3}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{A6C30298-3D79-42C0-86D1-5960D7CC404F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AA83FDCC-2457-4B17-B1A1-3C1B9D3715A9}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AB9E9ADC-3C97-4C5A-8C24-2D9F7DA3EFC6}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{ABB1C11C-CF9B-4EE2-B202-BCB03F3A7D23}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AC75F9E9-52B7-4144-9471-CCAD072B3733}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{AEC34EBF-53B5-48A2-8279-913B7B0EBD13}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{B218F139-AE4A-4594-8DFD-86A0A24481BE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{B2418367-FBAD-4781-98FA-49E4CD9F3B19}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B48304CF-FDDD-4A4E-846B-A79E74B0141D}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{B533231D-1492-486A-80B9-54733E674CC0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BB46D36A-AB38-46C0-AA49-4C17A4FD3D2C}" = dir=in | app=c:\users\jörg\appdata\local\microsoft\skydrive\skydrive.exe |
"{BC8E9A28-3471-4C49-8E09-D4F74A7E3D1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD284910-CE3E-41AB-81BB-68A2E295B9D7}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BD5B6332-70A0-4C19-A887-45F328DA4466}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C1862248-3660-4F3A-9795-EF281F4D5A2E}" = dir=out | name=fresh paint |
"{C55340E6-F0EF-4D0D-AAD7-3056193A8E98}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{CC502AFD-88AD-433B-ACB2-112AA0B6CF65}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{CF92720F-18E9-4FC3-9385-3367F31E73B9}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D0A205AD-6BA4-43BD-8BCB-866520CFCD2D}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D2DC70F0-9FE8-426D-A574-64375F2A45BE}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{D6681C60-99D3-48EF-ACE7-CEFA4358DFE0}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{D6777485-0B4C-4012-A5C0-BF1AF30B8D93}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe |
"{D99D8CA7-B4E9-4326-953C-D2FF64C1FF57}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{DB121130-B4DF-4838-8A9A-7037F7F72160}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DFC356DA-6C11-4047-B06A-98770C828666}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E1E1FD34-715F-4B03-A090-73D621499E0A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E5F7A0DE-6961-43EE-BA8B-C8F0D71FF75E}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA72D304-8FBA-484D-B505-8A8E024E536F}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{EE4B5054-8450-4F22-AA5B-42B4B89F007F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F0929F21-C99C-4694-9914-FDAD6CB10A3F}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F10817BB-1F05-4969-9857-2F89EAE256AB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F3A941F9-6931-4922-B08A-493CCAFA53C7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{F466F250-2EC9-45D3-8F00-13A5D884CC05}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{F4EE60D1-0DA1-4C86-B003-24EEA7803DF9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{F67C59F9-C6CB-4467-9479-8BB2C492B24F}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{F89E9123-2620-42B5-A1FF-E17DE1690FA6}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F8EC4E1B-465D-4B2E-AF45-A9F7447FDF67}" = dir=in | name=onenote |
"{F99FDDE9-96E8-48D3-B190-62C542BA6412}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FD63F0A9-57D3-4CAC-86CB-34B6A8269CBC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{0A86AC7F-4CE6-4EE7-8338-8DB931720216}F:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=f:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{570BF824-4D61-4A94-9B1B-884C418FA0AB}F:\program files (x86)\kompass digital map\dkl3d.exe" = protocol=6 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe |
"TCP Query User{C4AD64E3-2003-4ACE-9369-F9B1DEA4F8C5}F:\program files (x86)\franzis\onlinetv 6\onlinetv.exe" = protocol=6 | dir=in | app=f:\program files (x86)\franzis\onlinetv 6\onlinetv.exe |
"UDP Query User{3DD4E6F1-7E52-4584-B27A-D243FA1885A9}F:\program files (x86)\franzis\onlinetv 6\onlinetv.exe" = protocol=17 | dir=in | app=f:\program files (x86)\franzis\onlinetv 6\onlinetv.exe |
"UDP Query User{78B2CD29-26FD-456A-B55A-3D3DC7CE0ACF}F:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=f:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{EF6FAD38-0EBD-4234-BA97-64B2AE88A71D}F:\program files (x86)\kompass digital map\dkl3d.exe" = protocol=17 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}" = PlayReady PC Runtime amd64
"{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}" = Windows App Certification Kit Native Components
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{843AD902-84EA-3CE3-90F3-6866E567427D}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}" = Microsoft SQL Server Compact 4.0 SP1 x64 DEU
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP2
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{ED1EBD88-D341-321A-BB22-52D7E703E316}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02213A81-CB13-7262-5ABE-1FFA2C75559F}" = Windows App Certification Kit x64
"{0278602E-1C48-4C63-8599-7520B8700670}" = Microsoft Visual Studio 2012-Vorbereitung
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0EEB6DAC-32D5-4D1A-B795-7023D6AB9F13}" = Blend for Visual Studio 2012 DEU resources
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{14EEBDFB-6217-4F98-8563-8342C42E8571}" = Snagit 11
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{21DBD5D1-3573-4E2E-9251-CCF2C2E0C4FE}" = WinSurvey 3
"{22C58DA3-FA02-4DD3-8C5B-23570411E95B}" = Windows Live Writer Resources
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{4222A6C9-6127-4445-A820-B02ECFD9F407}" = Microsoft NuGet - Visual Studio 2012 Express for Windows 8
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53DE4FAD-F853-44F3-AC39-AD2940E5DD53}" = Software für Panasonic Multi-Function Station
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{8A79E320-5BCA-4A0F-A83B-D2D9783C7D53}" = Microsoft Visual C++ 2012 Compilers - DEU Resources
"{8BAB88C4-5024-3236-84B5-115054CD32B3}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90849941-4C23-3054-B575-3833700DF788}" = Microsoft Help Viewer 2.0 Language Pack - DEU
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.5
"{91B33C97-9E02-D93E-656C-D2D81585F29B}_is1" = Ashampoo Photo Optimizer 5 v.5.3.0
"{9846a706-1070-48d4-9d9a-d5df9dc5fd4b}" = Microsoft Visual Studio Express 2012 für Windows 8 - DEU
"{98B45D1C-6EB1-460D-A87D-2B60678DC105}" = Microsoft .NET Framework 4.5 SDK - DEU Lang Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{B33EA6ED-6F46-3BE1-98D2-F43D2A82EE39}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources
"{B51F97E6-83F3-3B02-8CBB-15F86DFCE1DB}" = Microsoft Visual Studio Express 2012 for Windows 8
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BD87E147-2948-4E49-9FD9-890A4AE4300A}" = Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D29B0575-C3DE-4746-A893-4FDF0F7D68B2}" = Windows Live Mail
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{DDC1078D-00E9-CB9D-EA5B-EE695A38D346}" = Windows Runtime Intellisense Content - de-de
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1720628-0F3F-361D-ABF7-AC2E71F74E24}" = Microsoft Visual Studio Express 2012 für Windows 8 - DEU
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15
"ImgBurn" = ImgBurn
"MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.0 Language Pack - DEU" = Microsoft Help Viewer 2.0 Language Pack - DEU
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 12.16.1860" = Opera 12.16
"VMware_Player" = VMware Player
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 23.07.2013 13:08:56 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description =
Error - 23.07.2013 13:09:26 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description =
Error - 23.07.2013 13:09:56 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description =
Error - 23.07.2013 13:10:43 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description =
< End of report > Beim OTL-Scan sei noch erwähnt, dass die Anleitung zum Programm etwas verwirrend ist. Im Bild sind Einstellungen markiert, die im beschreibenden Text darunter nicht erwähnt werden. Ich habe nun mal auch die Einstellungen aus dem Bild aktiviert, in der Hoffnung, dass das so richtig war. ;-) |