| Dr.Dietz | 09.08.2012 09:56 |
Firewall lässt sich nicht einschalten / keinerlei Netzwerkzugriff
Hallo
so langsam komm ich mit meinem Latein ans Ende...
BS: Windows 7 Pro 64bit
Fehler: Bekomme seit 3 Tagen keinerlei Zugriff auf das Netzwerk/ die Netzwerkdienste, WLAN Netze werden zwar angezeigt aber mit dem Zusatz "Eingeschränkter Zugriff"
mit dem Iphone Netzwerk(Hotspot) lässt sich der PC auch nich verbinden --> kurzum keinerlei Internet verfügbar und die Firewall von MS ist ausgeschaltet und lässt sich nicht mehr einschalten, weder automatisch noch manuell...
Virenschutz: AntiVir Premium
Firewall: Microsoft (wenn sie denn gehen würde)
Drüber laufen hab ich lassen den AntiVir Premium sowie EmsiSoft Antimalware und den Msert Schadsoftware Scanner von Microsoft sowie zu guter Letzt den S&D Spybot und HiJackThis....
Folgender Eintrag wird von HJT noch als schädlich eingestuft:
O10 - Broken Internet access because of LSP provider 'd:\programme\vsocklib.dll' missing
Das LSPFix läuft net wirklich und habe auch sonst die Meldung nicht wegbekommen...
Anbei noch die Scanauswertung mit ODT:OTL Logfile: Code:
OTL logfile created on: 09.08.2012 11:04:43 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\AstaLaVista\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 78,01% Memory free
15,99 Gb Paging File | 13,46 Gb Available in Paging File | 84,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 189,19 Gb Total Space | 118,93 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
Drive D: | 52,92 Gb Total Space | 19,17 Gb Free Space | 36,24% Space Free | Partition Type: NTFS
Drive E: | 21,61 Gb Total Space | 6,14 Gb Free Space | 28,41% Space Free | Partition Type: NTFS
Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 5,30 Gb Total Space | 0,90 Gb Free Space | 17,07% Space Free | Partition Type: NTFS
Drive H: | 15,03 Gb Total Space | 3,31 Gb Free Space | 22,03% Space Free | Partition Type: FAT32
Drive M: | 141,19 Gb Total Space | 38,24 Gb Free Space | 27,09% Space Free | Partition Type: FAT32
Computer Name: ASTALAVISTA-PC | User Name: AstaLaVista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.08.09 10:36:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe
PRC - [2012.05.14 14:18:25 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.05.14 14:18:25 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.05.14 14:18:25 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.14 14:18:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.14 14:18:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.12 14:39:58 | 003,065,120 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.02.01 09:11:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 13:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.25 22:54:38 | 000,136,616 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
PRC - [2010.11.05 10:28:14 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
PRC - [2010.10.19 15:38:54 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
PRC - [2010.09.21 03:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2010.09.21 03:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2010.09.21 02:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2010.03.10 11:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2010.03.10 11:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lktsrv.exe
PRC - [2010.03.10 11:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lkads.exe
PRC - [2010.03.08 09:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\aol\1286106206\ee\aolsoftware.exe
PRC - [2009.12.09 22:12:50 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtWlan.exe
PRC - [2009.12.07 13:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe
PRC - [2009.10.20 11:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\nisvcloc.exe
PRC - [2009.09.29 13:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe
PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ==========
MOD - [2012.02.01 09:12:34 | 000,423,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.02.01 09:12:32 | 000,058,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.02.01 09:12:30 | 000,272,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.02.01 09:12:30 | 000,095,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
MOD - [2012.02.01 09:12:14 | 000,384,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll
MOD - [2012.02.01 09:12:14 | 000,165,248 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll
MOD - [2012.02.01 09:12:12 | 010,843,520 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.02.01 09:12:12 | 002,557,312 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.02.01 09:12:12 | 000,346,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.02.01 09:12:08 | 001,294,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.02.01 09:12:08 | 000,196,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.02.01 09:12:06 | 000,919,936 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.02.01 09:12:06 | 000,682,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.02.01 09:12:06 | 000,517,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.02.01 09:12:04 | 008,172,928 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.02.01 09:12:04 | 002,252,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.02.01 09:12:02 | 002,288,512 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.02.01 09:12:00 | 000,422,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.02.01 09:11:56 | 000,202,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
MOD - [2012.02.01 09:11:56 | 000,034,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
MOD - [2012.02.01 09:11:54 | 000,032,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
MOD - [2012.02.01 09:11:36 | 000,388,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll
MOD - [2012.02.01 09:11:28 | 000,437,632 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012.02.01 09:11:18 | 001,037,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll
MOD - [2012.02.01 09:10:52 | 000,758,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.01.05 15:19:12 | 000,112,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.12.14 13:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.05 01:23:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.14 14:18:25 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.05.14 14:18:25 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.05.14 14:18:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.14 14:18:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.12 14:39:58 | 003,065,120 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.14 13:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.14 13:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.05.25 22:54:38 | 000,136,616 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010.11.05 10:28:14 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe -- (Lexware_Datenbank_Plus)
SRV - [2010.09.21 03:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010.09.21 03:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2010.09.21 02:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010.05.17 19:18:44 | 001,007,616 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 11:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2010.03.10 11:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync)
SRV - [2010.03.10 11:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds)
SRV - [2009.12.07 13:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2009.10.20 11:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nisvcloc.exe -- (niSvcLoc)
SRV - [2009.09.29 13:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.12.17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007.01.11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.14 14:18:25 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.14 14:18:25 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.11.03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.11.03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.11.01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.11.01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.08.02 18:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.03.18 13:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.18 13:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.20 20:05:18 | 000,014,592 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.09.21 03:43:06 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2010.09.21 03:43:00 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2010.09.21 03:41:08 | 000,031,792 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2010.09.21 03:40:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2010.09.21 02:42:38 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2010.09.21 00:18:14 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2010.09.21 00:18:14 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2010.09.21 00:18:14 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2010.09.07 08:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2010.03.09 12:09:32 | 000,676,864 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192su.sys -- (RTL8192su)
DRV:64bit: - [2010.01.14 14:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010.01.14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010.01.14 14:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009.08.24 00:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.11.30 00:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw)
DRV - [2012.03.25 21:21:09 | 000,063,880 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc)
DRV - [2012.03.25 21:21:06 | 000,041,728 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2011.11.08 22:25:24 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.05.25 22:52:56 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2010.09.07 08:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2010.05.05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 54 B1 1A D7 3C CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=19948&mntrId=6483418f000000000000000cf689a74ba74b
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7B5057B6-7C53-49CE-B86D-B948E4930454}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_3.6@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2012.04.17 21:39:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.15 23:01:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.16 10:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.04.17 21:39:31 | 000,000,000 | ---D | M]
[2012.07.22 16:00:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Extensions
[2012.07.22 16:00:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.08.07 12:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Firefox\Profiles\i5dygax2.default\extensions
[2011.07.26 13:30:48 | 000,000,000 | ---D | M] (Aardvark) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Firefox\Profiles\i5dygax2.default\extensions\aardvark@rob.brown
[2012.08.07 12:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.06.01 12:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.06.05 09:48:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.17 09:41:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.07.16 10:07:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2008.12.10 15:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll
[2010.10.19 19:15:20 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll
[2011.12.14 19:07:43 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.07.20 16:09:25 | 000,002,291 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.12.14 19:07:43 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.14 19:07:43 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.14 19:07:43 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.14 19:07:43 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1286106206\ee\AOLSoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [NI Background Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\niupdate.exe (National Instruments)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\AstaLaVista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - DD:\Programme\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - DD:\Programme\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C673113-BB8E-4CF5-9F28-2F0DD534FC88}: DhcpNameServer = 192.168.1.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B51B878-A5A1-4291-B0E5-15445FF1C9E5}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9BF99A1-D919-42FA-B5F7-93C6180B8D1B}: DhcpNameServer = 192.168.1.1 192.168.2.1
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.15 21:39:51 | 000,000,122 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.10.26 21:34:30 | 000,001,813 | ---- | M] () - G:\Automation License Manager.lnk -- [ NTFS ]
O32 - Unable to obtain root file information for disk H:\
O32 - AutoRun File - [2009.06.29 10:50:56 | 000,000,000 | ---- | M] () - M:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{9076c8ff-11a3-11e0-afd5-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{9076c8ff-11a3-11e0-afd5-005056c00008}\Shell\AutoRun\command - "" = K:\KODAK_Software_Downloader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.09 11:04:31 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe
[2012.08.09 00:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.09 00:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.09 00:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.08.09 00:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.08.09 00:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.08.09 00:10:43 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\backups
[2012.08.09 00:02:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\AstaLaVista\Desktop\HiJackThis204.exe
[2012.07.24 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler
[2012.07.22 16:00:46 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\AppData\Roaming\Haufe Mediengruppe
[2012.07.22 16:00:46 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\AppData\Local\Haufe Mediengruppe
[2012.07.21 12:33:58 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815
[2012.07.20 23:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Haufe
[2012.07.20 23:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haufe
[2012.07.20 23:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2012.07.20 22:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DownloadManager
[2012.07.20 20:07:21 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\TAXMAN 2012
[2012.07.17 15:28:11 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\IMG_1073
[2012.07.16 10:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.07.16 10:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.07.13 21:01:27 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012)
[2012.07.12 19:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012.07.12 19:47:28 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7
[2012.07.12 13:56:10 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\p1locStarzik
[3 C:\Users\AstaLaVista\Documents\*.tmp files -> C:\Users\AstaLaVista\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.09 10:36:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe
[2012.08.09 10:23:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.09 09:36:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.09 02:00:02 | 000,018,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.09 02:00:02 | 000,018,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.09 01:52:02 | 2146,000,895 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.09 00:51:31 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.09 00:23:34 | 000,001,258 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Spybot - Search & Destroy.lnk
[2012.08.08 23:58:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\AstaLaVista\Desktop\HiJackThis204.exe
[2012.08.08 22:43:03 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.08.08 22:43:03 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.08.08 22:41:13 | 000,007,132 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Windows-Kompatibilitätsbericht.htm
[2012.08.08 01:09:52 | 001,984,382 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.08 01:09:52 | 000,833,142 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.08 01:09:52 | 000,776,498 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.08 01:09:52 | 000,202,846 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.08 01:09:52 | 000,169,058 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.07 00:34:40 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.08.07 00:25:53 | 001,730,354 | ---- | M] () -- C:\Users\AstaLaVista\Documents\Anmeldung_Fortbildungspruefung.pdf
[2012.08.05 11:21:24 | 000,026,849 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\6-schuljahr,-schuelerband.jpg
[2012.07.25 20:16:37 | 000,382,898 | ---- | M] () -- C:\Users\AstaLaVista\Documents\TAXMAN_2012_Dasi.zip
[2012.07.24 10:08:01 | 003,762,774 | ---- | M] () -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler.zip
[2012.07.23 16:12:38 | 001,453,631 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Contract Vertrag Holiday Frankreich001.jpg
[2012.07.21 12:33:58 | 000,767,279 | ---- | M] () -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815.zip
[2012.07.21 11:11:50 | 000,019,863 | ---- | M] () -- C:\Users\AstaLaVista\Documents\IhreRetoure6510214669.pdf
[2012.07.21 00:24:33 | 000,002,669 | ---- | M] () -- C:\Users\Public\Desktop\TAXMAN 2012.lnk
[2012.07.20 23:32:38 | 000,002,319 | ---- | M] () -- C:\Users\Public\Desktop\TAXMAN Bibliothek 2012.lnk
[2012.07.19 20:42:52 | 000,012,750 | ---- | M] () -- C:\Users\AstaLaVista\Documents\=windows-1250QBank=E4nderung=2EPDF=
[2012.07.19 16:45:13 | 000,012,750 | ---- | M] () -- C:\Users\AstaLaVista\Documents\Kennwort.pdf
[2012.07.19 13:46:15 | 002,268,071 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\diego001.jpg
[2012.07.17 15:57:56 | 001,199,146 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung002.jpg
[2012.07.17 15:52:35 | 001,211,176 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung001.jpg
[2012.07.17 15:28:11 | 002,132,203 | ---- | M] () -- C:\Users\AstaLaVista\Documents\IMG_1073.zip
[2012.07.13 21:01:27 | 000,379,198 | ---- | M] () -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012).zip
[2012.07.12 19:47:15 | 005,294,566 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7.zip
[2012.07.12 13:56:10 | 002,001,415 | ---- | M] () -- C:\Users\AstaLaVista\Documents\p1locStarzik.zip
[3 C:\Users\AstaLaVista\Documents\*.tmp files -> C:\Users\AstaLaVista\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.09 00:51:31 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.09 00:23:34 | 000,001,258 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Spybot - Search & Destroy.lnk
[2012.08.08 22:41:14 | 000,007,132 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Windows-Kompatibilitätsbericht.htm
[2012.08.07 00:25:35 | 001,730,354 | ---- | C] () -- C:\Users\AstaLaVista\Documents\Anmeldung_Fortbildungspruefung.pdf
[2012.08.05 11:21:24 | 000,026,849 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\6-schuljahr,-schuelerband.jpg
[2012.07.24 10:07:15 | 003,762,774 | ---- | C] () -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler.zip
[2012.07.23 16:12:37 | 001,453,631 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Contract Vertrag Holiday Frankreich001.jpg
[2012.07.22 18:26:28 | 000,382,898 | ---- | C] () -- C:\Users\AstaLaVista\Documents\TAXMAN_2012_Dasi.zip
[2012.07.21 12:33:49 | 000,767,279 | ---- | C] () -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815.zip
[2012.07.21 11:11:49 | 000,019,863 | ---- | C] () -- C:\Users\AstaLaVista\Documents\IhreRetoure6510214669.pdf
[2012.07.20 23:32:38 | 000,002,319 | ---- | C] () -- C:\Users\Public\Desktop\TAXMAN Bibliothek 2012.lnk
[2012.07.20 23:31:39 | 000,002,669 | ---- | C] () -- C:\Users\Public\Desktop\TAXMAN 2012.lnk
[2012.07.19 20:42:51 | 000,012,750 | ---- | C] () -- C:\Users\AstaLaVista\Documents\=windows-1250QBank=E4nderung=2EPDF=
[2012.07.19 16:45:13 | 000,012,750 | ---- | C] () -- C:\Users\AstaLaVista\Documents\Kennwort.pdf
[2012.07.19 13:45:57 | 002,268,071 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\diego001.jpg
[2012.07.17 15:57:55 | 001,199,146 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung002.jpg
[2012.07.17 15:52:35 | 001,211,176 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung001.jpg
[2012.07.17 15:27:49 | 002,132,203 | ---- | C] () -- C:\Users\AstaLaVista\Documents\IMG_1073.zip
[2012.07.13 21:01:22 | 000,379,198 | ---- | C] () -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012).zip
[2012.07.12 19:47:14 | 005,294,566 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7.zip
[2012.07.12 13:55:49 | 002,001,415 | ---- | C] () -- C:\Users\AstaLaVista\Documents\p1locStarzik.zip
[2012.06.16 20:43:00 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.06.16 20:43:00 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.06.16 20:41:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.16 20:41:48 | 000,032,497 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.06.16 15:09:23 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.06.16 15:09:23 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.04.14 23:10:28 | 000,003,997 | ---- | C] () -- C:\Windows\scad3.INI
[2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.02.27 10:41:52 | 000,202,240 | ---- | C] () -- C:\Windows\SysWow64\LXPrnUtil10.dll
[2012.02.27 10:40:44 | 000,304,128 | ---- | C] () -- C:\Windows\SysWow64\LxDNT100.dll
[2012.02.27 10:38:36 | 000,133,120 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvmc100.dll
[2012.02.27 10:38:18 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvm100.dll
[2011.12.05 21:54:43 | 000,001,125 | ---- | C] () -- C:\Users\AstaLaVista\Dokumente - Verknüpfung.lnk
[2011.11.10 23:06:31 | 000,000,017 | ---- | C] () -- C:\Users\AstaLaVista\AppData\Local\resmon.resmoncfg
[2011.09.03 13:19:30 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.08.09 12:48:39 | 000,000,153 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.08.05 23:17:56 | 000,009,216 | ---- | C] () -- C:\Users\AstaLaVista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.13 10:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll
[2011.05.13 10:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll
[2011.05.13 10:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll
[2010.10.13 20:58:31 | 001,961,340 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.03 23:46:25 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.03 23:46:25 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT
[2010.10.03 13:19:08 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.10.03 13:07:44 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
========== LOP Check ==========
[2012.02.07 22:09:32 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Arduino
[2012.02.01 09:25:02 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Ashampoo
[2012.04.26 23:47:58 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Asxany
[2011.10.09 20:30:22 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\CadSoft
[2011.01.11 01:12:33 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Dev-Cpp
[2011.11.02 18:45:18 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\DVSE GmbH
[2011.10.09 12:02:29 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\EPSON
[2012.02.22 17:59:11 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Fritzing
[2011.01.08 14:38:25 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\GetRightToGo
[2012.07.22 16:00:46 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Haufe Mediengruppe
[2012.04.15 23:23:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\HeidiSQL
[2012.04.14 21:20:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\ibf
[2011.02.27 16:05:02 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\ImgBurn
[2010.10.10 01:23:01 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Leadertech
[2011.04.24 11:07:49 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\LEGO Media
[2011.08.09 17:13:59 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Lexware
[2012.04.14 23:07:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\LTC
[2012.01.15 19:51:50 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\National Instruments
[2012.04.18 08:29:10 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Nokia
[2011.09.23 19:55:34 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Nokia Ovi Suite
[2010.10.03 14:29:08 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\OpenOffice.org
[2010.10.03 13:53:50 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Opera
[2011.10.31 09:47:13 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Origin
[2012.04.27 15:03:22 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Oxota
[2011.09.23 19:59:54 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\PC Suite
[2010.12.27 13:49:19 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Skinux
[2011.11.25 00:04:35 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\TuneUp Software
[2012.03.23 21:52:21 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Ucoz
[2011.10.19 20:28:42 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Vocup
[2012.07.04 18:29:42 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\Windows:8FEEB0BF75CBDF76
< End of report >
--- --- --- EXTRA.txt.OTL Logfile: Code:
OTL Extras logfile created on: 09.08.2012 11:04:43 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\AstaLaVista\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 78,01% Memory free
15,99 Gb Paging File | 13,46 Gb Available in Paging File | 84,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 189,19 Gb Total Space | 118,93 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
Drive D: | 52,92 Gb Total Space | 19,17 Gb Free Space | 36,24% Space Free | Partition Type: NTFS
Drive E: | 21,61 Gb Total Space | 6,14 Gb Free Space | 28,41% Space Free | Partition Type: NTFS
Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 5,30 Gb Total Space | 0,90 Gb Free Space | 17,07% Space Free | Partition Type: NTFS
Drive H: | 15,03 Gb Total Space | 3,31 Gb Free Space | 22,03% Space Free | Partition Type: FAT32
Drive M: | 141,19 Gb Total Space | 38,24 Gb Free Space | 27,09% Space Free | Partition Type: FAT32
Computer Name: ASTALAVISTA-PC | User Name: AstaLaVista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{121B05EA-49C6-4967-9F3D-A524738EF466}" = rport=445 | protocol=6 | dir=out | app=system |
"{14FEF1B3-2D9B-448F-A41E-6AFF62B59048}" = rport=10243 | protocol=6 | dir=out | app=system |
"{181691D7-5AE6-46FE-BF0E-C43FB7B71441}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1874E7EA-1607-4B25-850E-6ECD0CD5DAC0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1DD3EC0F-BD8A-4A6F-BC57-C21EF8B3879F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3624DAE8-FF37-4C7D-82EA-648FA0DBC2F9}" = lport=137 | protocol=17 | dir=in | app=system |
"{391362B2-1F70-42FA-9440-5A2812469572}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A62F956-BC36-49FC-9064-161D7189F800}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D06744D-A4B9-4E75-8684-2E2BA85A485E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3F5859A5-C564-4FE2-B357-A2DC48921FB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{45087C81-A404-48D8-9B40-92F45F9C99E0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{460D1B51-F99C-4FDA-B1B8-E20D95C3547F}" = lport=138 | protocol=17 | dir=in | app=system |
"{4FB320D4-B274-49A6-A559-B19C64E7A161}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5566E58E-3914-4B01-8EA3-5C1AE5F91CB8}" = rport=139 | protocol=6 | dir=out | app=system |
"{566E0AE6-8CF8-47C0-83FF-D18781E6A559}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CD6E2F9-5B8F-4ACA-889D-BA6531BAD955}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65434C8C-A0F2-4217-ADEE-1557F16DC364}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66EC20EF-A4CC-439C-8EB9-BD49590C0ADB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6A382021-9F2A-47A1-A9BD-B635D4072249}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6BFE4453-C2A1-41D0-AC9E-5CBCCEE2B967}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{6D4A4710-6CD4-45CB-9614-D864D57F7A82}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{75C91A0F-0134-4583-9CE9-FC92E879E9DA}" = lport=445 | protocol=6 | dir=in | app=system |
"{92AD8858-CFED-4329-9D36-9799755982BD}" = lport=139 | protocol=6 | dir=in | app=system |
"{9A08DFCC-E54B-408D-91C5-636A139C08C8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AE21704A-4429-4FCF-9139-6E5F8061ACF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF15764C-8F60-403C-B3AB-9CD30860EC3F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BCC15698-6158-48C5-86C6-11C99129E656}" = rport=138 | protocol=17 | dir=out | app=system |
"{C380B045-5C9C-42BD-8C09-711DB5C1DE74}" = rport=137 | protocol=17 | dir=out | app=system |
"{C8E45625-3429-4CEC-9AC0-582CEB84AB32}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2C7DA95-B005-4AE4-9932-732E6337FDEF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E76BBDB2-D13F-4EC6-83D5-52A984DFBF02}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E92B02F8-1840-4FBA-92B5-6836D1C68476}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED174098-656E-47BA-9815-B61E8EEE2688}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC4C24A8-F4D3-4A3F-AB14-90BABC935DF0}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0687B906-F5EF-4BED-AA23-C191D1CB5345}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{08618EC7-5913-4E8D-A940-B5C95D29723B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{086F28B8-BCE6-4E90-8555-4A53CC746BF8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{0D31A316-1819-4EBF-96ED-F919DA36D06B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1073BFDF-C7BB-410F-B430-8AD4D60E5FF8}" = protocol=6 | dir=in | app=c:\program files (x86)\sitecom\300n usb wireless lan utility\rtwlan.exe |
"{12F4EB3F-D8C7-4F98-81F9-95CC09C87F50}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{17D818A1-C257-4267-B7DD-377B0D275634}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{199B1715-D112-4EEA-9C58-3D30472B1FBE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{1D4AE342-80D3-42E4-B858-595B7283FF8C}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{213C0F9F-4976-4F42-9466-3FE092781E7E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{22689738-C5B8-4E85-96F1-FD530363F8BD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{23818030-1F55-47CE-8851-009D176D0961}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{324936A8-429B-497D-B357-15FD677ADAA2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{352460CD-B631-421E-A098-923643EFB503}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C9BD508-E308-4FBB-B73F-51D95BB5A569}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{40A7E5FF-0FA6-4D9D-BBE8-19DCFE2CA1EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50445194-3CDE-4039-A336-0A4DF083F2D7}" = protocol=6 | dir=in | app=c:\program files (x86)\sybase\sql anywhere 9\win32\dbsrv9.exe |
"{51C25E29-4B84-4024-B9DF-DA08BDFA557D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{51F13C9F-246A-4D72-AACB-EF49E44E0929}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{550F4015-14E7-425E-844E-79DAD94BF9B3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{56F96A08-B9DA-4A2B-8163-A440E36E68A5}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{593928AD-9700-4AC4-A4BC-B6E217B0CA40}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{6131ACA1-A7AA-4DB5-B5B1-3FB5DD6003D2}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{68D741D2-2331-48F1-A053-79C7BD5693F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6BEEA514-F9F6-4932-BB5A-D5AD0965DFB9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{70A070B5-FB5C-4CE2-A289-3686835362FC}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{74183B9C-A223-4CA3-AA47-B2DBDA3080A9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{76A036E9-D3AE-4415-9D5B-5F719DCF277E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7C1C97BB-6027-4030-BBF3-6CD581DB7A6D}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{81E20C74-D38D-4899-AD64-04E92961BFA7}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{82835B4E-ACEF-42EA-B597-DC847FF8ED20}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{85F9DAF0-D1AF-46ED-AEAC-62CF20433928}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{92B897D7-9F1A-4879-BA54-8DC864394B16}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{93F57C00-4E0B-42CF-B0BC-4F771ED2DDC0}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{A02F53C5-279C-42B7-BF58-9FCE52A8A50A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A252C970-ED17-44CB-94D4-5610EFB8C24C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{A3D152DE-8EFD-43D0-BA2E-A1F21FF148D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A64323F6-E23F-48A4-9E98-784969D28237}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AB90F3DD-5CAA-4B53-B84B-17F6E3921693}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{AC59179E-A039-4E17-B3D8-9B3ADBA74C46}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{AF65953B-55E8-403B-BBE6-DC21022E522B}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{B8097C66-BCA2-4B2D-8D92-2D417D0E5A82}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B84C5A9D-42E7-422F-8D8E-ABC8B81B16E2}" = protocol=17 | dir=in | app=c:\program files (x86)\sitecom\300n usb wireless lan utility\rtwlan.exe |
"{BCF82093-781B-44A5-8D27-BC09047751B7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C5A59AB2-CCB4-4E92-A755-312A9148A2E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C8B46F28-0DFF-426E-A407-3C0E9CD00FFC}" = protocol=17 | dir=in | app=c:\program files (x86)\sybase\sql anywhere 9\win32\dbsrv9.exe |
"{C96B7694-73F5-4D27-BE7A-1B12AAB47D61}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAED408A-4C77-44A0-B3D3-3183084F1725}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{CBED26BD-4878-4BBF-9274-1506C9B94A95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D06D02E5-AFAF-4974-90F6-5731DA6BE7C2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D17B905D-F362-4C53-B5F2-6E529146259F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{D6AB1DAC-B40C-406F-8371-C840344CF0E5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D6B63EE3-6CCF-41B6-83B6-96DE0423CA5B}" = protocol=6 | dir=out | app=system |
"{E8FE35AE-A843-4F8F-986C-7C9D46DA871D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{EEE758CD-C96D-4DE2-8990-5780BD46724F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F01121A6-AB7A-4174-A5DC-DBEC894CB93D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F40A0307-E4A1-4AA2-A624-232C557DA5D9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F507F49F-1498-4417-AE63-1CAA2A933B42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7AF57F2-F511-417C-8D3F-8D02D7575349}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD8D08EB-BA43-4ED1-92E3-5C242C7AC5DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FDA0250C-43C9-4494-8AAE-363DAB8B6F8C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"TCP Query User{3E973B62-F048-4FCF-B46C-B0015C1A22A4}C:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe" = protocol=6 | dir=in | app=c:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe |
"UDP Query User{7438D975-F806-45BB-9B0B-DE18A23FB3FB}C:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe" = protocol=17 | dir=in | app=c:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21903252-3854-48D6-8F0C-F648CFA818C9}" = NI Help Assistant (64bit)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{3DD68F17-2C5D-49AC-9280-13C90FE19B71}" = NI Logos64 5.1.3
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit)
"{52167B0C-FB5D-43E7-BEC5-24EE6BEE2BA0}" = DVSE Updater
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62140B07-129A-2BD0-81D2-2A1A7408ADC8}" = ATI Catalyst Install Manager
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{945CF655-4A32-4667-B085-70A9D53C5A86}" = NI VC2008MSMs x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B092C4EE-F80B-48DD-B57D-C42B66543BE0}" = NI VC2005MSMs x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C342A5D7-9D75-4D37-879A-BAA68D168670}" = NI Logos64 XT Support
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{CA7DAF6F-D5F4-46FD-A824-7E0B472C3211}" = NI USI 1.7.0 64-Bit
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D8C0E5E1-3B66-465D-8F9B-F591F5CDA726}" = NI Trace Engine (64-bit)
"{E63A64BC-6458-432B-A5FA-A61BFD34EA6E}" = NI TDMS (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{0197D136-598D-4968-BEEA-91C1B764F05D}" = Lexware buchhalter 2012
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (JTLWAWI)
"{02B6E651-686D-4BCD-8A93-C07B01761745}" = NI Logos 5.1.3
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1
"{1923679F-C14B-4790-BC54-EFA3FCDE147B}" = Lexware Elster
"{1D081AB0-B1CC-11E0-80C0-005056B12123}" = Haufe iDesk-Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime
"{213B996A-A55B-4F9F-B897-2F8C4397EF97}" = WinFunktion Mathematik + 16
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2DBC8A34-0646-4F3D-B005-414E317FB281}" = NI Circuit Design Suite 11.0.2 Edu Licenses
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FFCCA65-E775-4636-8274-B382F72F6D24}" = Cadence Allegro Free Physical Viewers 16.5
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{37BC8FCE-15B1-456E-A62C-EEB175B71340}" = Lexware reisekosten plus 2011
"{3A05B900-A3E7-11DE-A9B7-005056806466}" = Google Earth
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{41A0986C-CED7-4C93-AFF2-DC8566253B7B}" = NI MetaSuite Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4FFBBF14-D82E-483D-8C1D-FCECAABD399E}" = NI LabWindows/CVI 9.0.1 Run-Time Engine
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{57B77060-04B4-468E-89A9-F68EEE466F57}" = NI USI 1.7.0
"{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo
"{5DC29616-B2BD-4E55-BDA1-AA81D30F83D5}" = LTpowerPlay
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{604D1BD4-7EE3-4704-8D53-0675FA94AE57}" = NI MDF Support
"{63E19B33-DD24-4EAB-9E77-6735C2171CE4}" = NI VC2005MSMs x86
"{644DAD90-2083-4871-BD49-721BF8FAE295}" = NI LabVIEW Run-Time Engine 8.6.1
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65246CE4-17F2-4896-8828-696086BED5F6}" = NI TDMS
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C520D64-E109-4A73-82A3-7808592051BC}" = NI Circuit Design Suite 11.0.2 Core
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7ACFB216-29F7-4331-A5ED-2563AEB51F21}" = NI Trace Engine
"{7BE5AA0C-E564-430F-B297-2B01121A1C5A}" = NI LabVIEW Real-Time NBFifo
"{7CD0F3A4-AA2F-4F6E-84F4-BFC2905D4BA3}" = NI EULA Depot
"{7FB64E72-9B0E-4460-A821-040C341E414A}" = ASUS Ai Charger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = Sitecom 300N USB Wireless LAN Driver and Utility
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3752527-E9F5-4EE5-9A09-D6582AFE1D35}" = NI Circuit Design Suite 11.0.2 Education
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009
"{B226F936-42E3-402E-8CF8-C1D92F255A17}" = NI Uninstaller
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BE95841B-D741-4B72-B79B-1EC61240F10E}" = NI Service Locator
"{C0FF3C38-FC96-4575-8A7B-89DDA3F9C79D}" = NI-Update-Dienst 1.1
"{C1C50448-C067-454A-80B2-334ECAC8F414}" = Lexware Admintools Plus
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF55EAB-5A2F-4A95-99D4-EF3E585F03FD}" = NI Logos XT Support
"{D34A78EB-78F2-48ab-8CAE-5D4DC255A491}" = Lexware reisekosten plus 2011
"{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services
"{D581FB60-4827-4AB0-9BF0-A1159C1D0579}" = NI License Manager
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DAD5AC93-8518-4F46-A5FE-E63FEE791B6F}" = AMD OverDrive
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DAF15921-FA90-4427-82A2-1852A9BAC99A}" = Lexware Datenbank plus 2011
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{DF344785-0900-471E-B9F5-6F28C89AF638}" = TAXMAN Bibliothek 2012
"{E37CCD6C-56C1-43C7-B2FA-24A32B6B09F7}" = NI Example Finder 9.0
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC8BF669-EFEA-40D9-8894-9074E407FC07}" = NI VC2008MSMs x86
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11F2CA2-F45F-4CC2-8962-28A0F5DC625A}" = NI-Update-Dienst 1.1 Full
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{FA3FDB06-3368-4579-B2F2-5AE8AD6E7871}" = TAXMAN 2012
"{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine
"{FEFA778A-05D2-4D0F-80A3-7AE24B8161C0}" = NI LabVIEW Web Server for Run-Time Engine
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"bhv Schule total 2008/09 Starter" = bhv Schule total 2008/09 Starter
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup.divx.com" = DivX-Setup
"EAGLE 6.1.0" = EAGLE 6.1.0
"ELECTRA_is1" = ELECTRA 2.8
"EPSON Scanner" = EPSON Scan
"Flugzeuge bauen mit Willy Werkel_is1" = Flugzeuge bauen mit Willy Werkel
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"HeidiSQL_is1" = HeidiSQL 7.0.0.4053
"Kalo24 - der Freeware-Kaloreinexperte" = Kalo24 - der Freeware-Kaloreinexperte 1.0.0.0
"LTspice IV" = LTspice IV
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"NI Uninstaller" = Software von National Instruments
"nLite_is1" = nLite 1.4.9.1
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.01.1532" = Opera 12.01
"Origin" = Origin
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"Target 3001! V15 discover" = Target 3001! V15 discover
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"ViewpointMediaPlayer" = Viewpoint Media Player
"VMware_Player" = VMware Player
"Vocup_is1" = Vocup 1.4.3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FIFA 11 Hybrid Gameplay Patch 3.0.4 AUTO INSTALL by Doctor+" = FIFA 11 Hybrid Gameplay Patch 3.0.4 AUTO INSTALL by Doctor+
"FoxTab PDF Converter" = FoxTab PDF Converter
"WinSetupFromUSB" = WinSetupFromUSB
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08.08.2012 20:23:26 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10015
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11013
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11013
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12012
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12012
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13010
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13010
[ System Events ]
Error - 09.08.2012 05:10:32 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:32 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:35 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:35 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:38 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:38 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:41 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:41 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:44 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:44 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
< End of report >
--- --- ---
keiner ne idee? ist es überhaupt ein Virus? |
