qv06-Virus eingefangen
Hi,
ich habe mir gestern den qv06-Virus einfangen. Habs aber gleich gemerkt und in mit adwcleaner3001 entfernt. Hier das Logfile: Code:
# AdwCleaner v3.001 - Report created 28/08/2013 at 22:19:09
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Anne - ANNESVAIO
# Running from : C:\Users\Anne\Desktop\adwcleaner3001.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\software4u
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\Desk 365
Folder Deleted : C:\Program Files (x86)\DVDVideoSoftTB
Folder Deleted : C:\Program Files (x86)\softonic-de3
Folder Deleted : C:\Program Files (x86)\software4u
Folder Deleted : C:\Program Files (x86)\Common Files\337
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Anne\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Anne\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Anne\AppData\Local\Temp\Desk365
Folder Deleted : C:\Users\Anne\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\Anne\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Anne\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Anne\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Anne\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Anne\AppData\LocalLow\softonic-de3
Folder Deleted : C:\Users\Anne\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\software4u
Folder Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\Conduit
Folder Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\ConduitEngine
Folder Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\Extensions\engine@conduit.com
Folder Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
File Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\searchplugins\11-suche.xml
File Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\bProtector_extensions.rdf
File Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\\invalidprefs.js
File Deleted : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\user.js
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Anne\Desktop\Search.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\firefox - Verknüpfung.lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\5d57d7d0b63eea40
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CEDC2A9D-65E0-4EE9-AD5C-FF2235AED8A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E3F910D-33CA-4E7B-8632-B459B6CB8F32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
[#] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CEDC2A9D-65E0-4EE9-AD5C-FF2235AED8A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6E3F910D-33CA-4E7B-8632-B459B6CB8F32}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{309330CA-FCEC-449F-9E13-786A5A05922B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86E57106-492A-4530-B831-BD24861DD50B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\softonic-de3
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\softonic-de3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\softonic-de3 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.17267
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\ohmgyw61.default\prefs.js ]
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"20418da91242236c7504393afec544fb1\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CH", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", "\"1323704474\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"01ffa8b1cc6cb1:eaa\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"807dc126dd28cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050", "\"d76323372b05c3748a3d6b1c93a98292\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"c463735a2d2570b66c8391e7673c21ff\"");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 09 2011 09:09:12 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Jun 25 2011 12:34:13 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Jun 25 2011 12:34:05 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "35fbadc6-4b11-4b89-afb7-f2f2941fe43f");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "f196b808-d39a-4166-ab00-b052a4187224");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Line Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Jun 11 2011 23:08:41 GMT+0200");
Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Line Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Fri Jun 24 2011 21:43:49 GMT+0200");
Line Deleted : user_pref("ConduitEngine.FirstServerDate", "04/09/2011 10");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Sat Apr 09 2011 09:09:14 GMT+0200");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jun 26 2011 10:03:27 GMT+0200");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun Jun 26 2011 10:03:26 GMT+0200");
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Jun 26 2011 10:03:27 GMT+0200");
Line Deleted : user_pref("ConduitEngine.UserID", "UN16403181810505196");
Line Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Line Deleted : user_pref("ConduitEngine.engineLocale", "de");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jun 26 2011 10:03:27 GMT+0200");
Line Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Jun 26 2011 10:03:29 GMT+0200");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Line Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "6a9922610000000000000024d62b2106");
Line Deleted : user_pref("extensions.delta.instlDay", "15945");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.621:51:46");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119498&tt=280813_dtts&tsp=4988");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledItems", "personas@christopher.beard:1.6.2,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{872b5b88-9db5-4310-bdd0-ac189557e5f5}[...]
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\exte[...]
-\\ Google Chrome v29.0.1547.57
[ File : C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [36003 octets] - [28/08/2013 22:17:59]
AdwCleaner[S0].txt - [24374 octets] - [28/08/2013 22:19:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24435 octets] ##########
Jetzt weiß ich leider ob mein Rechner dadurch komplett sauber ist. Um sicher zu gehen habe ich mal ein OTL-Logfile erstellt:
OTL.txt Code:
OTL logfile created on: 29.08.2013 11:17:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anne\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,97 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 50,17% Memory free
7,93 Gb Paging File | 5,75 Gb Available in Paging File | 72,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,28 Gb Total Space | 107,76 Gb Free Space | 23,62% Space Free | Partition Type: NTFS
Computer Name: ANNESVAIO | User Name: Anne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Anne\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Anne\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\Anne\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe (Microsoft Corporation.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=&utm_content=hp&from=amt&uid=SAMSUNGXHM500JI_S208JD0SA07988&ts=1377719443
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=&utm_content=hp&from=amt&uid=SAMSUNGXHM500JI_S208JD0SA07988&ts=1377719443
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3743465012-4140755817-391456211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-3743465012-4140755817-391456211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3743465012-4140755817-391456211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3743465012-4140755817-391456211-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3743465012-4140755817-391456211-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3743465012-4140755817-391456211-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "gmx.de"
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.17 15:51:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.08.17 15:51:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.17 15:51:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.08.17 15:51:51 | 000,000,000 | ---D | M]
[2010.01.07 13:00:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne\AppData\Roaming\mozilla\Extensions
[2013.08.28 22:19:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne\AppData\Roaming\mozilla\Firefox\Profiles\ohmgyw61.default\extensions
[2013.04.29 21:45:49 | 000,346,768 | ---- | M] () (No name found) -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\extensions\personas@christopher.beard.xpi
[2013.08.17 16:07:11 | 000,580,040 | ---- | M] () (No name found) -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\extensions\toolbar@gmx.net.xpi
[2012.12.13 08:09:13 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.08.02 22:27:41 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.02.23 18:34:31 | 000,002,419 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\searchplugins\englische-ergebnisse.xml
[2010.04.15 18:04:01 | 000,002,321 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\searchplugins\forestle-de.xml
[2012.02.23 18:34:31 | 000,010,525 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\searchplugins\gmx-suche.xml
[2012.02.23 18:34:31 | 000,002,457 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\searchplugins\lastminute.xml
[2012.02.23 18:34:31 | 000,005,508 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\mozilla\firefox\profiles\ohmgyw61.default\searchplugins\webde-suche.xml
[2013.08.17 15:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.08.17 15:51:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.08.17 15:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.08.17 15:52:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\
CHR - Extension: Google-Suche = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: NotScripts = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\
CHR - Extension: Google Mail = C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-3743465012-4140755817-391456211-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [NetworkSaver] C:\Windows\Temp\temp17.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3743465012-4140755817-391456211-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-3743465012-4140755817-391456211-1000..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0558B9D7-C542-47BC-B482-05B6CCAFA780}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DBEED24-4889-479C-82EC-D972CD7A8EFF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DBEED24-4889-479C-82EC-D972CD7A8EFF}: NameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59F4ACDD-B2C9-4F4E-969D-FD30745D2CD0}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6634ba3b-17d0-11df-b487-0024be7cea25}\Shell - "" = AutoRun
O33 - MountPoints2\{6634ba3b-17d0-11df-b487-0024be7cea25}\Shell\AutoRun\command - "" = G:\PhotoViewerAP_V6.0.1.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.08.29 11:15:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anne\Desktop\OTL.exe
[2013.08.28 22:32:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013.08.28 22:17:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.08.28 22:07:16 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\IObit
[2013.08.28 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\avgchrome
[2013.08.28 21:51:57 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.08.17 15:51:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.08.13 15:06:14 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\Nero_AG
[2013.08.13 15:05:43 | 000,016,696 | ---- | C] (Nero AG) -- C:\Windows\SysNative\drivers\NBVolUp.sys
[2013.08.13 15:05:33 | 000,073,016 | ---- | C] (Nero AG) -- C:\Windows\SysNative\drivers\NBVol.sys
[2013.08.13 15:03:40 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\Nero
[2013.08.13 10:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2013.08.13 10:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013.08.13 10:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013.08.13 10:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013.08.13 10:25:50 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.08.13 10:24:11 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.08.13 10:22:27 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.08.13 10:21:17 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.08.13 10:20:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.08.29 11:15:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anne\Desktop\OTL.exe
[2013.08.29 10:59:30 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.29 10:56:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.29 10:22:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.08.29 09:53:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.29 09:53:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.29 09:45:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.29 09:45:26 | 3195,293,696 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.28 22:20:50 | 000,375,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.08.28 22:19:17 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.08.28 22:16:41 | 000,994,642 | ---- | M] () -- C:\Users\Anne\Desktop\adwcleaner3001.exe
[2013.08.28 21:50:54 | 000,773,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2013.08.28 21:50:54 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013.08.20 21:22:58 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.08.20 21:22:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.08.13 10:37:02 | 000,002,783 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk
[2013.08.13 10:17:22 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.08.13 10:17:22 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.08.13 10:17:22 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.08.13 10:17:22 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.08.13 10:17:22 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.08.28 22:16:10 | 000,994,642 | ---- | C] () -- C:\Users\Anne\Desktop\adwcleaner3001.exe
[2013.08.13 10:37:02 | 000,002,783 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk
[2013.08.13 10:17:17 | 005,460,020 | ---- | C] () -- C:\Users\Anne\Desktop\TOSHIBA STOR.E ALU 2S 2.5.pdf
[2012.06.23 21:01:14 | 000,005,120 | ---- | C] () -- C:\Users\Anne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.02 18:24:24 | 000,007,602 | ---- | C] () -- C:\Users\Anne\AppData\Local\Resmon.ResmonCfg
[2011.12.26 21:49:41 | 000,000,320 | ---- | C] () -- C:\ProgramData\~29cuD6dLDGL12Q
[2011.12.26 21:49:41 | 000,000,224 | ---- | C] () -- C:\ProgramData\~29cuD6dLDGL12Qr
[2011.12.26 21:49:36 | 000,000,464 | ---- | C] () -- C:\ProgramData\29cuD6dLDGL12Q
[2011.09.19 15:00:10 | 000,000,236 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011.09.19 15:00:10 | 000,000,164 | ---- | C] () -- C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E}
[2009.12.29 19:01:31 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2009.12.29 18:58:41 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:C64BF02A
< End of report >
extra.txt Code:
OTL Extras logfile created on: 29.08.2013 11:17:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anne\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,97 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 50,17% Memory free
7,93 Gb Paging File | 5,75 Gb Available in Paging File | 72,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,28 Gb Total Space | 107,76 Gb Free Space | 23,62% Space Free | Partition Type: NTFS
Computer Name: ANNESVAIO | User Name: Anne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3743465012-4140755817-391456211-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{056D4733-F31F-4ABC-9532-CD5DB93328D1}" = lport=445 | protocol=6 | dir=in | app=system |
"{0C470410-3101-4B70-9C47-5E3C7E9503BA}" = rport=138 | protocol=17 | dir=out | app=system |
"{20A8E117-2398-4C7C-82A8-3B336B838956}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{223558E3-EA84-4840-BC38-471615428296}" = rport=139 | protocol=6 | dir=out | app=system |
"{24269167-DC4F-41A8-8F64-936224F36F26}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{266890F8-6FF9-4FAF-B8C5-67ED8BA6B8D4}" = rport=137 | protocol=17 | dir=out | app=system |
"{2DD98B77-2536-40F8-B13E-6B3B49CE8584}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{37E926E2-ED7C-4C27-931D-38A2A9A4569A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3862CE86-FD38-4ACE-BC95-A5FF26957E2C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3F8B4B32-1EA4-4C4B-8F92-6BACE3F7F83A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{41F46EB4-010C-401E-B460-68F1D7152DB4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46867E89-DEC3-4F9B-B879-BD9B14E18840}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5B8C5472-9AB3-46D3-933C-5B63647E6D90}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{62FEE365-4D6D-47D0-AC6C-97595C879C09}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{67121D20-E093-4D5B-9C26-8C63A6F3AA7C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69012150-2ACE-40A8-AC9C-6ACC2279881C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{69F3EF8C-9F56-4E7E-A9CD-216796491B56}" = rport=445 | protocol=6 | dir=out | app=system |
"{8E91AA17-FCD8-4131-A825-1530FD499E0C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9204361B-485F-464F-87A0-2EC28EE58E64}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A0BDF778-1164-4B98-AC98-91CAE75AFEA1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A199EA9E-5420-4749-B50F-14DDF53CE9F1}" = lport=139 | protocol=6 | dir=in | app=system |
"{A4FBCE2E-65C0-4F41-BC8C-3C7345EBAFFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B35424F4-EEA4-4941-862C-E1AC2EE11C85}" = lport=137 | protocol=17 | dir=in | app=system |
"{BA1B29EA-ABF8-4249-8FFC-6B1060B54AD3}" = lport=138 | protocol=17 | dir=in | app=system |
"{BA86355F-4497-488A-91FE-607C3AE076B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0341D5B-F557-401F-ABF8-E453CC6C502D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0E2EEF1-8A72-4370-9EA4-4648E09516B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D5B3D39D-C889-4778-B70C-48B7D44E72CB}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DD370D12-A8D3-4CB7-9CEE-C9ADB84C24BA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0793897B-B6FD-40C0-BBAC-29040C6D710C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0E88E3B3-B683-4913-B6CC-F92AC2E16EC3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0E97190A-FC71-4283-BD2D-B70369552502}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{11C58106-2017-4A9D-88E4-BEB83CB92C57}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{15991D85-7F0D-4BFB-9F15-11A747815AA7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{180D00A0-9DFA-4BD2-9DD3-07978C32DAAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3515E6CF-DCB1-44FE-9444-99889964F277}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{3AAA63CA-D8F1-4B78-8C05-5B6353300FB6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5033D18D-A649-498D-8081-3CE9C69DD333}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E0CCA78-7C6E-4C40-A45E-847EAC7DA57D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6833CA71-BD33-4AC1-B9B1-EE1F4DC764C4}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{6B244726-53B4-4F0F-8074-924B87612083}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{73ACCE24-EFC8-4C12-B12B-DE703C12B03D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{766F90BF-3277-439C-824F-51D6301F56BD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{78C15B88-4B9F-4514-A28A-EC5FB571E648}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{78D3D642-350E-47E2-994B-3FA3EF22F05E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7AD6E0B3-AC06-448E-8856-C714A5C6F300}" = protocol=6 | dir=out | app=system |
"{82E029FD-D1EA-44CD-A5C3-C14AC69FC9BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{867961BB-C1F6-421C-8FE9-D199778387FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B232873-6186-4B29-9FD1-3E82ABA31B08}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{91792B82-49AB-4CA6-A5C6-837718F276B1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{99EB2242-2C08-4327-9C96-52869BF20204}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9F606A2E-B3E9-4B77-BEA0-83DAE7FAABA4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A2DC84B1-9BCC-42A6-8E55-A08FBA92555D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AC0725A4-A849-4C19-9CD2-A32E48452F49}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{B6EACC12-E34B-41EA-A380-5E4AD8F22C9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C299C57F-D321-475F-871F-88005993B787}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C69F5954-5464-4625-8BE3-21E317CFEAF5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DED22738-3646-462C-8B3A-81E7E87AE317}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E1DE8344-9D33-481B-BA28-D9AB4D43B266}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E9F1C653-079F-4B1B-BFD3-D55269D532FF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC1F8144-F5B7-4834-8C27-7CC8B24E4F0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE776B24-22B4-4307-BE60-BFF089CC138C}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"TCP Query User{4B41B4D7-1E29-4635-B154-A2CD08546BD5}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A6467214-DC3A-47AF-87E8-BDF0EBF1B1E9}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{3030F5A2-FE27-4306-90AE-C11F75E21FC4}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{678D4BB4-0045-44AD-B388-36CF98154174}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{3232F3D4-8348-4FC7-BD26-F60E89837C97}" = Studie zur Verbesserung von HP Deskjet 3050 J610 series Produkten
"{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}" = MobileMe Control Panel
"{4E863B34-E4A3-40E0-B6F1-35CF372A3CFF}" = HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AA7EE74-114A-FFFF-B1D2-AED4707763C9}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A4BC24CB-F8C7-27FB-41D5-47A405031A41}" = ATI Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0271C003-CED0-2354-818F-A872734088B1}" = CCC Help Dutch
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager
"{0A860E7C-AB8E-455A-9A0A-96379D8DB3E8}}_is1" = FOTOParadies
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E3368AC-FB29-4C5E-938E-FA11C12D035E}" = Nero BackItUp 12 Essentials
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1949A6CF-6D0C-4305-A5DB-8D9A5E1B4A90}" = ChessBase 10
"{1E40FED6-E0D6-0AA2-BA08-75B6C1E2D02F}" = CCC Help Swedish
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FE69600-3A33-FFFF-C488-F3E40DBC2F68}" = CCC Help Czech
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 26
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2FC5CB84-9110-DE89-379B-34E87AB8BDC1}" = CCC Help Italian
"{3662480D-028D-BE4E-DEC1-775818519CC2}" = CCC Help Norwegian
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3B1168DE-1F8C-471C-AC49-0CA52F096170}" = VAIO Content Metadata Intelligent Network Service Manager
"{3BA4FBA3-35EE-3E3B-62D8-606AF0722950}" = ccc-core-static
"{48E29469-216B-1AE3-B156-A2DAA48E709E}" = Catalyst Control Center InstallProxy
"{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D029068-CE21-848B-5654-1409E47507BB}" = CCC Help Chinese Traditional
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E7FD54B-D551-70C1-CEE7-88FD59BE8063}" = CCC Help English
"{51BEF30C-58E4-490F-BA40-A2F12AB8B5F9}" = VAIO Content Metadata Manager Settings
"{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}" = MusicStation
"{52AF7D37-EECF-535F-5226-E0DD16543CD1}" = CCC Help Thai
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{54108D57-A606-774B-BA31-6C9363B0B33A}" = Catalyst Control Center Graphics Light
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{575E77D1-29E9-28EC-7D28-F5ABAB72C270}" = Catalyst Control Center Graphics Full Existing
"{57AABF73-E17F-4212-A103-13A9794F0869}" = VAIO Content Metadata XML Interface Library
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F2D882B-A663-4EB5-9851-48CC6C75FD2D}" = VAIO Content Metadata Intelligent Network Service Manager
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6529B443-1BD5-D7D3-7DAF-D6AD2C98C38A}" = CCC Help Finnish
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73330752-80F1-65AE-721D-8AA10AEFF99B}" = CCC Help Turkish
"{7395DD51-0D1A-47A7-9993-742073ECF4CE}" = VAIO Content Metadata Manager Settings
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A512C74-7780-43A1-93DA-29C23D0DF374}" = VAIO Content Metadata XML Interface Library
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7E1D9B1F-A5AE-737C-E0BC-96C42D19E2CC}" = CCC Help Russian
"{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager
"{876172CF-1095-181F-B037-6A713235417F}" = Catalyst Control Center Graphics Previews Vista
"{8AFAF619-1FD7-71BD-26F1-8EED9C1C8A8D}" = Catalyst Control Center Graphics Previews Common
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EE47674-9AD3-B099-C6E4-7FB9F0D14D38}" = CCC Help Spanish
"{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access
"{949419DF-F4AF-4693-B60A-522B24F233C6}" = VAIO Content Metadata XML Interface Library
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9B00435C-61FA-BB7F-4B7A-98FCC4881C3F}" = CCC Help French
"{9D179733-28AD-DF80-B74A-5A0F9FD4E332}" = CCC Help Japanese
"{9D912275-85FD-45F6-9AF3-388A0F8AADB2}" = VAIO Content Metadata Intelligent Network Service Manager
"{9E39EA0D-38CD-4739-9E28-DEA4A1155522}" = Sony Home Network Library
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A1432157-D6B5-BD3C-42C8-E54BEED3EB0E}" = CCC Help Korean
"{A568DFBD-4A04-484E-86BB-165AA6C53E2B}" = VAIO Content Monitoring Settings
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA56BFBE-E1D1-435D-A805-52A7F788D057}_is1" = CLICK & LEARN DiDi 360° 3.1
"{AB30697D-E02D-2FD7-2EF4-E60887B4B22E}" = CCC Help Chinese Standard
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{ACE78B09-BD0C-E6A4-1250-2482B5A126B8}" = Catalyst Control Center Graphics Full New
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B2A7278B-6D98-8640-760B-3D34485D1AD6}" = CCC Help Portuguese
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BBA68DFD-AA0F-2CD0-932A-17442B41A350}" = CCC Help Danish
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CF652E2D-6128-49E9-833E-F131C4FC42CA}" = ChessBase 10
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D322A9E3-758B-4D60-A7C4-65C88FD378D0}" = Bing Bar
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D8AE7D4E-BA8B-4F7B-BF50-8D2F090034F0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E23CBEC5-533E-054A-4109-95751B7C3A81}" = CCC Help German
"{E4724E9E-D338-4D86-B9F9-810F825DCDAF}" = Houdini 3 Pro
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0A034FE-0951-EF71-145E-F0DF36F5A203}" = Catalyst Control Center Core Implementation
"{F0F05BDF-4AE4-096C-C8E9-4B4DAD2DE13D}" = CCC Help Polish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F1D2C6EA-3382-440C-BBEC-8A2B18CAB1DF}" = Registry Optimierer 2.0
"{F3C91479-BDAC-4B42-0B7B-54D37EB63A12}" = CCC Help Hungarian
"{F52EE3CE-A6B2-63E2-9445-EC92EEC1FB90}" = Catalyst Control Center Localization All
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Hilfe
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FBBF5D9C-1989-4933-AE4E-19EE368385B4}" = VAIO Entertainment Platform
"{FC55ADF1-53B6-269F-92F7-413AB697EE48}" = CCC Help Greek
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.33
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Full)
"MarketingTools" = VAIO Marketing Tools
"MFU Module" =
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PokerStars" = PokerStars
"splashtop" = VAIO Quick Web Access
"Uninstall_is1" = Uninstall 1.0.0.1
"VAIO Help and Support" =
"VAIO NW screensaver" = VAIO NW screensaver
"VAIO Premium Partners 1.00" = VAIO Premium Partners 1.00
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3743465012-4140755817-391456211-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.08.2013 09:50:26 | Computer Name = AnnesVAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 26.08.2013 14:13:00 | Computer Name = AnnesVAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 26.08.2013 14:22:01 | Computer Name = AnnesVAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 26.08.2013 14:31:39 | Computer Name = AnnesVAIO | Source = Windows Backup | ID = 4103
Description =
Error - 27.08.2013 14:43:48 | Computer Name = AnnesVAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 28.08.2013 11:16:50 | Computer Name = AnnesVAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 28.08.2013 16:01:13 | Computer Name = AnnesVAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: uninstall.exe_unknown, Version: 2.6.1562.220,
Zeitstempel: 0x520a4587 Name des fehlerhaften Moduls: uninstall.exe, Version: 2.6.1562.220,
Zeitstempel: 0x520a4587 Ausnahmecode: 0x40000015 Fehleroffset: 0x000f2570 ID des fehlerhaften
Prozesses: 0x15bc Startzeit der fehlerhaften Anwendung: 0x01cea42957ab9838 Pfad der
fehlerhaften Anwendung: C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
Pfad
des fehlerhaften Moduls: C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
Berichtskennung:
96971b7d-101c-11e3-9563-8a89db0b329a
Error - 28.08.2013 16:01:52 | Computer Name = AnnesVAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: uninstall.exe_unknown, Version: 2.6.1562.220,
Zeitstempel: 0x520a4587 Name des fehlerhaften Moduls: uninstall.exe, Version: 2.6.1562.220,
Zeitstempel: 0x520a4587 Ausnahmecode: 0x40000015 Fehleroffset: 0x000f2570 ID des fehlerhaften
Prozesses: 0x1798 Startzeit der fehlerhaften Anwendung: 0x01cea429701db92a Pfad der
fehlerhaften Anwendung: C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
Pfad
des fehlerhaften Moduls: C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
Berichtskennung:
add1682b-101c-11e3-9563-8a89db0b329a
Error - 28.08.2013 16:21:14 | Computer Name = AnnesVAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 29.08.2013 03:46:00 | Computer Name = AnnesVAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
[ Media Center Events ]
Error - 11.02.2010 08:52:37 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 13:52:16 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
Error - 11.02.2010 08:53:20 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 13:52:58 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
Error - 11.02.2010 08:53:41 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 13:53:41 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 16.02.2010 04:29:50 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 09:29:50 - Directory konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 16.02.2010 04:30:54 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 09:30:33 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
Error - 16.02.2010 04:31:36 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 09:31:15 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
Error - 16.02.2010 04:31:57 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 09:31:57 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 17.02.2010 06:00:56 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 11:00:56 - Directory konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 17.02.2010 06:02:00 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 11:01:39 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
Error - 17.02.2010 06:02:28 | Computer Name = AnnesVAIO | Source = MCUpdate | ID = 0
Description = 11:02:21 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
[ OSession Events ]
Error - 03.02.2010 10:44:44 | Computer Name = AnnesVAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2693
seconds with 660 seconds of active time. This session ended with a crash.
Error - 06.03.2011 18:49:03 | Computer Name = AnnesVAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4155
seconds with 4020 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.08.2013 03:45:52 | Computer Name = AnnesVAIO | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 29.08.2013 03:45:52 | Computer Name = AnnesVAIO | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 29.08.2013 03:45:52 | Computer Name = AnnesVAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 29.08.2013 04:05:49 | Computer Name = AnnesVAIO | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 11.159.0.0 Aktualisierungsquelle: %%815
Aktualisierungsphase:
%%854 Quellpfad: Signaturtyp: %%886 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle
Modulversion: Vorherige Modulversion: 2.0.8001.0 Fehlercode: 0x8007042c Fehlerbeschreibung:
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.
Error - 29.08.2013 04:05:49 | Computer Name = AnnesVAIO | Source = Microsoft Antimalware | ID = 2003
Description = Beim Aktualisieren des Moduls wurde von %%860 ein Fehler festgestellt.
Neue
Modulversion: Vorherige Modulversion: 2.0.8001.0 Modultyp: %%886 Benutzer: NT-AUTORITÄT\SYSTEM
Fehlercode:
0x8007042c Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe
konnte nicht gestartet werden.
Error - 29.08.2013 04:05:49 | Computer Name = AnnesVAIO | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Microsoft Network Inspection System" ist von folgendem
Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 29.08.2013 04:05:49 | Computer Name = AnnesVAIO | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Microsoft-Netzwerkinspektion" ist vom Dienst "Microsoft
Network Inspection System" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1075
Error - 29.08.2013 04:06:04 | Computer Name = AnnesVAIO | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.157.676.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%854 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9800.0 Fehlercode:
0x80070643 Fehlerbeschreibung: Schwerwiegender Fehler bei der Installation.
Error - 29.08.2013 04:06:11 | Computer Name = AnnesVAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials
– KB2310138 (Definition 1.157.676.0)
Error - 29.08.2013 04:59:33 | Computer Name = AnnesVAIO | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
< End of report >
Über Hilfe würde ich mich sehr freuen. Vielen Dank bereits im vorraus. |
Malwarebytes Anti-Malware 
FRST 32-Bit | FRST 64-Bit
SecurityCheck und:
