| Feuer-Fritz | 13.10.2012 09:58 |
tbhcn - was ist das und wie werde ich es los?
Hallo zusammen, ich hoffe ihr könnt mir helfen.
Auch mir ist beim Aufräumen die tbhcn.exe im Autostart aufgefallen und ich habe danach gegoogelt. Dadurch bin ich hier gelandet.
Was mir sofort ins Auge sprang, war die Aussage: "Rechner ist langsam".
Auch das ist bei mir der Fall, obwohl ich ihn vor einigen Monaten neu aufgesetzt habe.
Die Anweisungen habe ich befolgt:
defogger ausgeführt
OTL siehe hier Zitat:
OTL logfile created on: 13.10.2012 10:25:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Feuer-Fritz\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,92 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 58,18% Memory free
7,84 Gb Paging File | 5,60 Gb Available in Paging File | 71,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 404,61 Gb Free Space | 86,87% Space Free | Partition Type: NTFS
Drive D: | 465,66 Gb Total Space | 100,24 Gb Free Space | 21,53% Space Free | Partition Type: NTFS
Computer Name: FRITZ-BOOK | User Name: Feuer-Fritz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.13 10:16:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Feuer-Fritz\Desktop\OTL.exe
PRC - [2012.10.10 10:17:56 | 001,011,408 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2012.10.10 10:17:56 | 000,593,616 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.08.31 16:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.08.25 19:21:29 | 001,193,176 | ---- | M] () -- C:\Users\Feuer-Fritz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.24 15:28:04 | 000,698,048 | ---- | M] () -- C:\Users\Feuer-Fritz\AppData\Roaming\BrowserCompanion\tbhcn.exe
PRC - [2012.07.24 09:48:45 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2012.06.21 13:29:36 | 000,163,536 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\fshoster32.exe
PRC - [2012.03.15 18:00:44 | 000,311,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2012.03.15 18:00:44 | 000,213,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012.03.15 15:55:34 | 000,062,160 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
PRC - [2012.01.19 11:06:50 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
PRC - [2011.08.25 10:50:50 | 000,153,424 | ---- | M] () -- C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
PRC - [2010.08.29 00:27:22 | 000,024,576 | ---- | M] (ASoft) -- C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientSvc.exe
PRC - [2010.02.05 10:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2010.02.04 14:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2010.01.22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.01.05 13:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2010.01.04 17:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.23 10:11:54 | 001,160,320 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
PRC - [2009.07.31 10:38:26 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009.07.31 10:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.11.30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Programme\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe
========== Modules (No Company Name) ==========
MOD - [2012.08.25 19:21:29 | 001,193,176 | ---- | M] () -- C:\Users\Feuer-Fritz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012.07.24 15:28:04 | 000,698,048 | ---- | M] () -- C:\Users\Feuer-Fritz\AppData\Roaming\BrowserCompanion\tbhcn.exe
MOD - [2012.06.28 12:07:41 | 010,706,624 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtWebKit4.dll
MOD - [2012.06.28 12:07:41 | 008,347,328 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtGui4.dll
MOD - [2012.06.28 12:07:41 | 003,051,200 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXmlPatterns4.dll
MOD - [2012.06.28 12:07:41 | 002,256,576 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCore4.dll
MOD - [2012.06.28 12:07:41 | 001,162,944 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtScript4.dll
MOD - [2012.06.28 12:07:41 | 001,076,928 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCLucene4.dll
MOD - [2012.06.28 12:07:41 | 000,986,816 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtNetwork4.dll
MOD - [2012.06.28 12:07:41 | 000,622,272 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtSql4.dll
MOD - [2012.06.28 12:07:41 | 000,450,240 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtHelp4.dll
MOD - [2012.06.28 12:07:41 | 000,372,416 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXml4.dll
MOD - [2012.06.21 13:29:36 | 000,241,360 | ---- | M] () -- C:\Program Files (x86)\F-Secure\imageformats\qmng4.dll
MOD - [2012.06.21 13:29:36 | 000,036,048 | ---- | M] () -- C:\Program Files (x86)\F-Secure\imageformats\qico4.dll
MOD - [2012.06.21 13:29:36 | 000,034,000 | ---- | M] () -- C:\Program Files (x86)\F-Secure\imageformats\qgif4.dll
MOD - [2012.03.15 18:00:36 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\strres.eng
MOD - [2012.03.15 18:00:34 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2012.03.09 09:46:20 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDLL2_36_Win32.dll
MOD - [2012.01.19 11:06:50 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
MOD - [2012.01.07 10:54:16 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hardcopy_04.dll
MOD - [2011.08.25 10:50:50 | 000,153,424 | ---- | M] () -- C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
MOD - [2010.01.04 17:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.09.17 13:41:42 | 000,267,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll
MOD - [2009.09.15 16:45:58 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2009.09.15 10:47:10 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll
MOD - [2009.09.11 16:40:20 | 000,084,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll
MOD - [2009.07.08 11:24:16 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2009.07.03 13:40:34 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll
MOD - [2009.07.03 13:21:16 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll
MOD - [2009.07.03 13:13:56 | 000,297,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll
MOD - [2009.07.03 13:13:16 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll
MOD - [2009.07.03 13:12:32 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll
MOD - [2009.07.03 13:12:24 | 000,065,024 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll
MOD - [2009.07.03 13:12:14 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll
MOD - [2009.07.01 16:46:24 | 000,461,824 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2007.11.30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.06.15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010.01.22 09:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.07 16:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.09 17:04:59 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.09 17:02:41 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.31 16:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.21 13:29:36 | 000,163,536 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2012.05.30 13:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2012.04.01 12:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2012.03.15 18:00:44 | 000,213,672 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012.03.15 18:00:38 | 000,914,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2012.03.15 15:55:34 | 000,062,160 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.08.25 10:50:50 | 000,270,672 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.01.10 14:48:32 | 000,231,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV - [2011.01.10 14:47:54 | 000,109,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Home Server\esClient.exe -- (esClient)
SRV - [2011.01.10 14:47:42 | 000,489,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Home Server\WHSConnector.exe -- (WHSConnector)
SRV - [2010.10.22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.08.29 00:27:22 | 000,024,576 | ---- | M] (ASoft) [Auto | Running] -- C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientSvc.exe -- (AutoExitClientService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Programme\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.18 16:04:07 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2012.07.23 13:32:41 | 000,102,160 | ---- | M] (Yune Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MsgPlusDriver.sys -- (MsgPlusDriver)
DRV:64bit: - [2012.06.28 18:56:18 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012.06.28 18:56:18 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012.06.28 18:56:18 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012.06.28 18:56:17 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2012.06.28 18:56:17 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012.06.28 11:01:42 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2012.05.30 13:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2012.05.14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.03.15 18:00:38 | 000,095,112 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW)
DRV:64bit: - [2012.03.15 18:00:38 | 000,046,024 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011.06.27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.03.26 10:37:12 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2011.03.26 10:37:12 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2011.03.26 10:37:12 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2011.03.26 10:37:12 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.01.22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.01.22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.01.22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.01.22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.01.22 08:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.01.18 20:37:58 | 000,128,512 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.12.22 09:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.12.14 16:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.09.30 09:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.21 14:48:18 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.20 10:41:38 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.08.07 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.20 17:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.20 18:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.05.13 09:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008.05.23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012.10.10 10:17:56 | 000,062,008 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012.06.28 12:12:31 | 000,199,888 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012.06.28 12:09:26 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2012.03.15 18:00:28 | 000,015,016 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.08.03 20:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 16 90 6D F3 6D CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{79FEDE32-A7FA-4761-95CA-9CB18D49C6D6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: status4evar@caligonstudios.com:2012.07.08.17
FF - prefs.js..extensions.enabledAddons: support@lastpass.com:2.0.0
FF - prefs.js..extensions.enabledAddons: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.20.8546
FF - prefs.js..extensions.enabledAddons: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:2.0.7
FF - prefs.js..extensions.enabledAddons: {a8ef5f94-bd9b-4f86-adc8-7b1d2d003e14}:0.5.3
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: foxmarks@kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.4
FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
FF - prefs.js..extensions.enabledAddons: {403304EE-066A-4a2a-8F41-F12028480A0A}:2.0.8
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Feuer-Fritz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Feuer-Fritz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.29 13:07:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.11 18:14:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.09 17:02:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.29 13:07:01 | 000,000,000 | ---D | M]
[2012.06.29 13:19:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Extensions
[2012.10.11 18:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Firefox\Profiles\ctvc0if1.default\extensions
[2012.08.02 12:09:50 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Firefox\Profiles\ctvc0if1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.07.08 09:28:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Firefox\Profiles\ctvc0if1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.07.27 17:37:10 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Firefox\Profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com
[2012.09.18 16:35:49 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Firefox\Profiles\ctvc0if1.default\extensions\foxmarks@kei.com
[2012.09.16 06:18:50 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Firefox\Profiles\ctvc0if1.default\extensions\ich@maltegoetz.de
[2012.06.29 13:28:50 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\Firefox\Profiles\ctvc0if1.default\extensions\support@lastpass.com
[2012.09.24 06:24:23 | 000,204,580 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\jid0-DY3JlbKAAeLydLoHa0dLJn4735o@jetpack.xpi
[2012.07.10 06:06:45 | 000,163,080 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\status4evar@caligonstudios.com.xpi
[2012.09.28 06:04:22 | 000,382,635 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\{403304EE-066A-4a2a-8F41-F12028480A0A}.xpi
[2012.08.23 01:36:43 | 000,341,143 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2012.08.25 19:37:49 | 000,009,164 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\{a8ef5f94-bd9b-4f86-adc8-7b1d2d003e14}.xpi
[2012.09.27 08:55:54 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.25 19:36:44 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.11 18:15:05 | 000,252,340 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.09.25 17:44:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b _expire
[2012.10.12 18:13:13 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658 _expire
[2012.10.12 18:13:20 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275 _expire
[2012.08.04 08:19:53 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2e74403c227112bec523796d5a77d77e _expire
[2012.08.04 08:19:53 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b507b6d0186efd3615b9b9233c5f708 _expire
[2012.08.28 17:26:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ad053d40dfa5cab7948e9251df6e3d9 _expire
[2012.10.07 17:56:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f _expire
[2012.09.04 19:07:34 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ee61aeb9faeedf9f688a467a779ea96 _expire
[2012.10.12 18:13:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\608fb1265439dbf7f648e04f0f11d4c1 _expire
[2012.09.05 12:12:29 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\61e2ae11ba3d1cbe8887ea80f192e299 _expire
[2012.10.13 09:58:01 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7 _expire
[2012.09.10 12:06:34 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\905da6432b374359c5f9f9ba2b8cea0d _expire
[2012.10.13 09:58:01 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9e955ec456f86b7d2225b490c36a440e _expire
[2012.10.12 18:13:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a3305b130a0ed11cd68c58b262aa95b3 _expire
[2012.08.02 12:50:28 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a35ec2adf572a908b47081c94acefc6d _expire
[2012.10.13 09:58:01 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 _expire
[2012.08.04 08:19:53 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\b590e59d04fbf1a2e539ed0365d8391a _expire
[2012.08.27 17:45:33 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\b5bc7084382de95cb69790e5d10db338 _expire
[2012.09.19 18:07:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\b98ec85a6f6b5dca57a81c971a2ec1f5 _expire
[2012.10.12 18:13:14 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579 _expire
[2012.08.19 19:33:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b _expire
[2012.08.19 19:33:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d6867a63f98943c5d45ac3e1e96e45bb _expire
[2012.08.26 17:41:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d83bb387de1d7c4401815e133de06c6b _expire
[2012.08.25 18:16:32 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\dc6668d28979688b1e2066d1dcaef0f6 _expire
[2012.09.19 18:07:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e02b35320e5111f1b626466c13c70a0a _expire
[2012.08.25 19:33:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7215b147326809c45f6cf0952274624 _expire
[2012.10.12 18:13:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271 _expire
[2012.10.12 18:13:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2 _expire
[2012.10.12 18:13:19 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d _expire
[2012.10.13 10:14:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f4413a9bbae019aa976b741cc45b7e75 _expire
[2012.10.07 17:56:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b _expire
[2012.09.03 10:38:34 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fb2a2d37c3a5abdb2d5c51d90fdaebc4 _expire
[2012.10.07 17:56:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f _expire
[2012.08.02 12:10:03 | 000,002,558 | ---- | M] () -- C:\Users\Feuer-Fritz\AppData\Roaming\mozilla\firefox\profiles\ctvc0if1.default\searchplugins\aol-search.xml
[2012.10.11 18:14:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: (Enabled) = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
CHR - Extension: YouTube = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Browser Companion Helper = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: Google-Suche = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: FTP Client = C:\Users\Feuer-Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\poodjdhopfiiphkpildgjgkbidopdphm\1.0_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O2:64bit: - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O3:64bit: - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [F-Secure Hoster (666)] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun File not found
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe ()
O4 - HKLM..\Run: [WHSClient] C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientTray.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Feuer-Fritz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Feuer-Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk = C:\Users\Feuer-Fritz\AppData\Roaming\Microsoft\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
O4 - Startup: C:\Users\Feuer-Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Feuer-Fritz\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O4 - Startup: C:\Users\Feuer-Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Feuer-Fritz\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Feuer-Fritz\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Feuer-Fritz\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Feuer-Fritz\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: LastPass - file://C:\Users\Feuer-Fritz\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Feuer-Fritz\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96A89252-3058-4F88-8AAA-EB97796F4F4A}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.03 05:39:00 | 000,000,038 | ---- | M] () - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.10.13 10:16:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Feuer-Fritz\Desktop\OTL.exe
[2012.10.13 10:01:25 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Roaming\Malwarebytes
[2012.10.13 10:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.13 10:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.13 10:01:11 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.13 10:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.13 09:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCleaner
[2012.10.13 08:52:25 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{44D09AAB-CE55-4E60-85D8-20F597097753}
[2012.10.13 08:49:31 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2012.10.12 18:09:31 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{D64AD0E3-B3C8-4954-B650-4B6535A072C7}
[2012.10.12 06:01:51 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{41CF62AD-8801-4026-8076-DE823F70716E}
[2012.10.11 08:36:02 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{5B83E33E-01CD-4DA1-8BD7-A66472BF98F0}
[2012.10.10 10:21:47 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{A81547FD-3404-4C3A-BC72-C87E781B260E}
[2012.10.09 20:13:51 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{4DA005FA-8838-4705-A531-769C8F5BDDC0}
[2012.10.09 17:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.09 08:13:27 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{C4389E0F-B4A2-44E1-B94B-69A140F27C79}
[2012.10.08 20:12:06 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{B5158F9E-9053-4706-A68A-92F1411A13EA}
[2012.10.08 08:11:43 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{6F4C79AF-AE94-4BAD-B98A-4F0A120DCC01}
[2012.10.07 20:11:06 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{8AE85588-0BBC-4F1A-9289-6CFAF96FE631}
[2012.10.07 08:10:31 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{68B3031B-A82A-463E-9801-8EEFB1B66558}
[2012.10.06 19:34:49 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{DCAF3D4E-253F-4C85-ABE2-2AE1895143E7}
[2012.10.06 07:34:25 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{99F5B6BB-A95B-46E1-B08E-5EA63A747BE0}
[2012.10.05 17:10:16 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{434888D6-6F27-4269-A958-FF053931037D}
[2012.10.05 02:36:38 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\ElevatedDiagnostics
[2012.10.04 23:51:31 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{849424A8-D0C4-40C0-842B-84B3E495863B}
[2012.10.04 08:37:35 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{6D95D5D1-7094-40F3-8513-259224296B1B}
[2012.10.03 10:44:02 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{1A8B93F0-3E65-4446-81A3-B1FD300C0654}
[2012.10.02 10:41:31 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{F63AA990-7D72-4081-9473-BEB552341086}
[2012.10.01 20:08:13 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{DA59A8B4-CC67-4CFB-856A-AD59BBF3392E}
[2012.10.01 08:07:49 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{0C293CE3-5BAF-406C-BA86-2A539A7CDC65}
[2012.09.30 12:49:49 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{30A122EF-3094-43A4-8D4F-9ED124A9916B}
[2012.09.29 20:07:55 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{A9E585FC-B2D7-447B-BD34-4CC2286ED45B}
[2012.09.29 16:55:38 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.09.29 08:07:44 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{CB8B7DCE-6971-4E66-ABD0-F683B961A198}
[2012.09.28 18:05:43 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{97FB0825-6852-4A8B-B02C-0BC1631AF3FC}
[2012.09.28 06:05:06 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{2AEB234A-294D-4F34-B592-6A325369FFE3}
[2012.09.27 09:23:27 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2012.09.27 09:23:27 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2012.09.27 09:23:26 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012.09.27 09:23:26 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2012.09.27 09:23:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2012.09.27 09:20:43 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2012.09.27 09:20:43 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2012.09.27 09:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012.09.27 09:20:42 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2012.09.27 09:20:42 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2012.09.27 09:20:42 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2012.09.27 09:20:42 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2012.09.27 09:20:42 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2012.09.27 09:20:42 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2012.09.27 09:20:41 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2012.09.27 09:20:41 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2012.09.27 09:20:39 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2012.09.27 09:20:39 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2012.09.27 09:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2012.09.27 08:52:42 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{8CF5C6C4-1A57-4D09-A8F0-4D1B28C00B77}
[2012.09.26 18:06:21 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{D99969E9-3769-4BDF-AD89-50080111C550}
[2012.09.26 06:05:46 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{0BE77070-F22C-4C0D-A4DB-09FE5A2DF806}
[2012.09.25 09:33:03 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{92662E81-E059-46B9-8703-A59056C37D9E}
[2012.09.24 18:21:55 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{AD06B3FC-3E5C-41CB-9E9A-86FF8D758E5D}
[2012.09.24 06:21:31 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{C2826A13-793D-40AC-AA66-671C6F3E7014}
[2012.09.23 08:17:40 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{17D484D4-04DF-499C-A520-384D34B06867}
[2012.09.22 12:55:53 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{0EFCC19F-506E-4E8D-B2B0-D941DC024B64}
[2012.09.21 20:23:31 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{D5EFE8B3-C804-4AFC-8FE1-DA4E0727D3F5}
[2012.09.21 08:23:08 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{053BE23B-3812-4949-BC5D-EC867636232C}
[2012.09.20 20:22:44 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{EE4DBF60-453D-452F-9723-8C166DC40C9C}
[2012.09.20 08:22:20 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{52CA936E-A7FC-4A2D-886D-C259DC08A08D}
[2012.09.19 18:03:36 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{C16A161C-F3BF-4217-B1E9-EC2D0595570C}
[2012.09.18 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{C5EF6518-1F95-41E0-8A18-E83E9B0E1191}
[2012.09.18 19:03:40 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
[2012.09.18 19:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EMET
[2012.09.18 08:13:44 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{C3582C8D-E486-4743-9057-D6912895D0C8}
[2012.09.17 08:43:50 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{8512895F-86F1-4BB7-A223-1C1B56DC7735}
[2012.09.16 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{AF5C8CCD-7703-44BF-9C9B-DA5DCDB4B3FA}
[2012.09.15 21:12:36 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{9ADE1BB6-01D3-49B9-A0CB-3210025BC158}
[2012.09.15 08:12:32 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{8F7C4A19-CB0E-4F51-9947-CD21B1F18DAD}
[2012.09.14 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{795C5917-6606-4796-B5FF-D388755126E6}
[2012.09.14 06:12:04 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{B3215499-B0D3-409C-9437-12BE88E08316}
[2012.09.13 18:11:19 | 000,000,000 | ---D | C] -- C:\Users\Feuer-Fritz\AppData\Local\{5D2E4FCF-2AD5-4DD6-A874-E91D22946654}
[2012.06.28 15:16:51 | 000,659,456 | ---- | C] (Speed Guide Inc.) -- C:\Program Files (x86)\TCP308Optimizer.exe
========== Files - Modified Within 30 Days ==========
[2012.10.13 10:33:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.13 10:16:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Feuer-Fritz\Desktop\OTL.exe
[2012.10.13 10:15:48 | 000,000,000 | ---- | M] () -- C:\Users\Feuer-Fritz\defogger_reenable
[2012.10.13 10:02:16 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.13 10:02:16 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.13 10:01:15 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.13 10:00:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1354190298-4171099561-3877952289-1001UA.job
[2012.10.13 09:58:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.13 09:53:03 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.13 09:52:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.13 09:52:33 | 3157,114,880 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.13 09:39:50 | 001,617,850 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.13 09:39:50 | 000,698,504 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.13 09:39:50 | 000,653,782 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.13 09:39:50 | 000,149,008 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.13 09:39:50 | 000,121,954 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.13 09:30:38 | 000,000,962 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\RegCleaner.lnk
[2012.10.11 19:34:52 | 002,223,723 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\KB2011v6.pdf
[2012.10.11 17:00:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1354190298-4171099561-3877952289-1001Core.job
[2012.10.08 18:16:14 | 508,657,894 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.08 08:10:45 | 001,979,848 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\tasse.jpg
[2012.10.07 08:52:37 | 000,483,945 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\1und1-6.jpg
[2012.10.07 08:52:20 | 000,442,583 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\1und1-5.jpg
[2012.10.07 08:52:00 | 000,560,996 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\1und1-4.jpg
[2012.10.07 08:51:40 | 000,491,097 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\1und1-3.jpg
[2012.10.07 08:51:24 | 000,565,436 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\1und1-2.jpg
[2012.10.07 08:51:06 | 000,603,368 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\1und1-1.jpg
[2012.10.05 17:56:46 | 000,364,131 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\verifizierung.jpg
[2012.10.03 19:49:25 | 000,382,288 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\Kolbe_KF7703_Grill.pdf
[2012.10.02 03:09:38 | 000,874,233 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\CSP_1.pdf
[2012.10.01 08:22:19 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.09.30 06:20:53 | 000,001,984 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.09.21 18:36:32 | 000,301,820 | ---- | M] () -- C:\Users\Feuer-Fritz\Desktop\profiseller_ralf.jpg
========== Files Created - No Company Name ==========
[2012.10.13 10:15:48 | 000,000,000 | ---- | C] () -- C:\Users\Feuer-Fritz\defogger_reenable
[2012.10.13 10:01:15 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.13 09:30:38 | 000,000,962 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\RegCleaner.lnk
[2012.10.11 19:34:52 | 002,223,723 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\KB2011v6.pdf
[2012.10.08 08:08:59 | 001,979,848 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\tasse.jpg
[2012.10.07 08:52:36 | 000,483,945 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\1und1-6.jpg
[2012.10.07 08:52:20 | 000,442,583 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\1und1-5.jpg
[2012.10.07 08:52:00 | 000,560,996 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\1und1-4.jpg
[2012.10.07 08:51:40 | 000,491,097 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\1und1-3.jpg
[2012.10.07 08:51:24 | 000,565,436 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\1und1-2.jpg
[2012.10.07 08:51:06 | 000,603,368 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\1und1-1.jpg
[2012.10.05 17:56:46 | 000,364,131 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\verifizierung.jpg
[2012.10.03 19:49:25 | 000,382,288 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\Kolbe_KF7703_Grill.pdf
[2012.10.02 03:09:38 | 000,874,233 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\CSP_1.pdf
[2012.09.29 16:55:06 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1354190298-4171099561-3877952289-1001UA.job
[2012.09.29 16:55:05 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1354190298-4171099561-3877952289-1001Core.job
[2012.09.27 09:23:26 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.09.27 09:20:42 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
[2012.09.27 09:20:42 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.09.27 09:20:42 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2012.09.27 09:20:41 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2012.09.27 09:20:41 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2012.09.27 09:20:41 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2012.09.27 09:20:40 | 000,195,584 | RHS- | C] () -- C:\Windows\SysWow64\MatroskaDX.ax
[2012.09.27 09:20:40 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2012.09.27 09:20:39 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2012.09.27 09:20:39 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2012.09.27 09:20:39 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2012.09.21 18:36:32 | 000,301,820 | ---- | C] () -- C:\Users\Feuer-Fritz\Desktop\profiseller_ralf.jpg
[2012.07.19 08:15:05 | 000,909,312 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2012.07.19 08:15:05 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll
[2012.07.19 08:15:05 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2012.07.19 08:15:05 | 000,182,784 | ---- | C] () -- C:\Windows\SysWow64\DGVorbis.dll
[2012.07.19 08:15:04 | 001,060,864 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2012.07.19 08:15:04 | 000,175,104 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.07.19 08:15:04 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\MP3DEE.DLL
[2012.07.19 08:15:04 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2012.07.19 08:15:04 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kwab.dll
[2012.07.09 08:00:13 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.07.09 08:00:13 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.07.09 08:00:11 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.09 08:00:03 | 000,079,872 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.07.01 20:31:13 | 000,000,000 | ---- | C] () -- C:\Windows\Net4Switch.INI
[2012.06.29 15:18:04 | 000,000,000 | ---- | C] () -- C:\Users\Feuer-Fritz\AppData\Roaming\JFritz.lock
[2012.06.29 13:11:46 | 000,241,537 | ---- | C] () -- C:\Windows\hpwins28.dat.temp
[2012.06.29 13:11:46 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
[2012.06.29 13:03:16 | 000,241,206 | ---- | C] () -- C:\Windows\hpwins28.dat
[2012.06.29 13:03:16 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat
[2012.06.29 12:23:05 | 000,003,584 | ---- | C] () -- C:\Users\Feuer-Fritz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 15:17:22 | 000,002,048 | ---- | C] () -- C:\Program Files (x86)\sg_backup_2012-06-28-1517.spg
[2012.06.28 15:17:22 | 000,002,048 | ---- | C] () -- C:\Program Files (x86)\FirstBackup.spg
[2012.06.28 12:09:26 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012.06.28 12:09:13 | 001,595,680 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.28 12:09:11 | 000,019,534 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2012.06.28 11:35:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.06.28 11:03:14 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2012.06.28 08:06:17 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012.06.28 08:04:08 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.06.11 18:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.06.11 18:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.10.13 10:33:28 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\BrowserCompanion
[2012.08.27 20:37:59 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\Dojotech Software
[2012.07.08 20:40:21 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\DVDVideoSoft
[2012.07.08 09:28:17 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.13 10:23:36 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\JFritz
[2012.06.29 20:28:36 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\Leadertech
[2012.06.29 13:58:56 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\NetSpeedMonitor
[2012.10.05 08:55:23 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\Spotify
[2012.09.04 10:45:52 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\TeamViewer
[2012.07.31 19:47:25 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\TeraCopy
[2012.06.29 15:03:06 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\Windows Home Server
[2012.06.28 13:25:21 | 000,000,000 | ---D | M] -- C:\Users\Feuer-Fritz\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
| |
