Erstmal vielen Dank für die Hilfe!
Hier die beiden Dateien: Code:
OTL logfile created on: 20.03.2013 19:52:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 6,88 Gb Available Physical Memory | 87,13% Memory free
15,80 Gb Paging File | 14,81 Gb Available in Paging File | 93,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464,98 Gb Total Space | 331,49 Gb Free Space | 71,29% Space Free | Partition Type: NTFS
Drive E: | 980,28 Mb Total Space | 919,02 Mb Free Space | 93,75% Space Free | Partition Type: FAT
Drive O: | 298,01 Gb Total Space | 164,93 Gb Free Space | 55,34% Space Free | Partition Type: FAT32
Computer Name: LAPTOP-PC | User Name: Laptop | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - E:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP)
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Sophos AutoUpdate Service) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited)
SRV - (SAVAdminService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Limited)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (swi_service) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Limited)
SRV - (swi_update_64) -- C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe (Sophos Limited)
SRV - (SAVService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
SRV - (Sophos Web Control Service) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Sophos Limited)
SRV - (UsbClientService) -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe ()
SRV - (SynoDrService) -- C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe ()
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (DFEPService) -- c:\Programme\Dell\Feature Enhancement Pack\DFEPService.exe (Dell Inc.)
SRV - (Wave Authentication Manager Service) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe (Wave Systems Corp.)
SRV - (TdmService) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SecureStorageService) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
SRV - (WTGService) -- C:\Program Files (x86)\XSManager\WTGService.exe ()
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (ZcfgSvc7) -- C:\Programme\Intel\WiFi\bin\ZCfgSvc7.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (BrcmMgmtAgent) -- C:\Programme\Broadcom\MgmtAgent\BrcmMgmtAgent.exe (Broadcom Corporation)
SRV - (ATService) -- C:\Programme\Fingerprint Sensor\ATService.exe (AuthenTec, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (O2SDIOAssist) -- c:\Windows\SysWOW64\srvany.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (SAVOnAccess) -- C:\Windows\SysNative\drivers\savonaccess.sys (Sophos Limited)
DRV:64bit: - (sdcfilter) -- C:\Windows\SysNative\drivers\sdcfilter.sys (Sophos Limited)
DRV:64bit: - (SophosBootDriver) -- C:\Windows\SysNative\drivers\SophosBootDriver.sys (Sophos Plc)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (busenum) -- C:\Windows\SysNative\drivers\busenum.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (cmnsusbser) -- C:\Windows\SysNative\drivers\cmnsusbser.sys (Mobile Connector)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\accelern.sys (ST Microelectronics)
DRV:64bit: - (HBtnKey) -- C:\Windows\SysNative\drivers\HBtnKey.sys (Dell Inc.)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (O2SDJRDR) -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys (O2Micro )
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (O2MDRRDR) -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys (O2Micro )
DRV:64bit: - (O2MDFRDR) -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys (O2Micro )
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Blfp) -- C:\Windows\SysNative\drivers\basp.sys (Broadcom Corporation)
DRV:64bit: - (PBADRV) -- C:\Windows\SysNative\drivers\PBADRV.SYS (Dell Inc)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0EAE1905-3042-4012-B74E-4C0BA8783D60}
IE:64bit: - HKLM\..\SearchScopes\{0EAE1905-3042-4012-B74E-4C0BA8783D60}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0EAE1905-3042-4012-B74E-4C0BA8783D60}
IE - HKLM\..\SearchScopes\{0EAE1905-3042-4012-B74E-4C0BA8783D60}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1825897433-1590765505-2489730031-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
IE - HKU\S-1-5-21-1825897433-1590765505-2489730031-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USREL/8
IE - HKU\S-1-5-21-1825897433-1590765505-2489730031-1000\..\SearchScopes,DefaultScope = {0EAE1905-3042-4012-B74E-4C0BA8783D60}
IE - HKU\S-1-5-21-1825897433-1590765505-2489730031-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1825897433-1590765505-2489730031-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.spiegel.de"
FF - prefs.js..extensions.enabledAddons: nosquint%40urandom.ca:2.1.6
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: isreaditlater%40ideashower.com:3.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.01.23 14:02:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 23:23:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 23:23:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.12 10:47:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.03.12 10:47:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 23:23:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 23:23:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.12 10:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.03.12 10:47:21 | 000,000,000 | ---D | M]
[2012.06.23 13:05:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Extensions
[2013.02.20 19:52:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\pse53ekf.default\extensions
[2013.01.08 07:06:41 | 000,223,719 | ---- | M] () (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\firefox\profiles\pse53ekf.default\extensions\isreaditlater@ideashower.com.xpi
[2012.09.01 14:19:45 | 000,113,112 | ---- | M] () (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\firefox\profiles\pse53ekf.default\extensions\nosquint@urandom.ca.xpi
[2012.06.23 14:56:52 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\firefox\profiles\pse53ekf.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2013.03.08 23:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.08 23:23:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.14 23:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.07 16:29:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.14 23:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.14 23:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.14 23:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.14 23:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DFEPApplication] c:\Programme\Dell\Feature Enhancement Pack\DFEPApplication.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [TdmNotify] C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero BackItUp 4\NBKeyScan.exe" File not found
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Limited)
O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1825897433-1590765505-2489730031-1000..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk = File not found
O4 - Startup: C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files (x86)\WordPerfect Office X3\Programs\WPLauncher.hta ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files (x86)\WordPerfect Office X3\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{616799EC-8CB6-413C-A939-FAEBB4F5FDFE}: DhcpNameServer = 217.237.150.115 217.237.151.205
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5CDE8B8-5E1F-450C-BA8F-D88ACE81DC2E}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL (Sophos Limited)
O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (wvauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2d2ffb79-c235-11e1-8b13-c01885d7c60a}\Shell - "" = AutoRun
O33 - MountPoints2\{2d2ffb79-c235-11e1-8b13-c01885d7c60a}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{d9eb9b48-791b-11e1-8440-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d9eb9b48-791b-11e1-8440-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorunmenu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.20 18:45:25 | 000,000,000 | ---D | C] -- C:\FRST
[2013.03.20 18:35:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.03.20 17:06:06 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Users\Laptop\2441826.dll
[2013.03.20 14:42:06 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Amazon MP3
[2013.03.20 14:42:06 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Amazon
[2013.03.20 14:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2013.03.20 14:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2013.03.14 18:53:51 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.14 18:53:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.14 18:53:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.14 18:53:42 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.14 18:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.03.13 23:45:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.13 23:45:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.13 23:45:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.13 23:45:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.13 23:45:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.13 23:45:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.13 23:45:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.13 23:45:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.13 23:45:29 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.13 23:45:29 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.13 23:45:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.13 23:45:29 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.13 23:45:28 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.13 23:45:28 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.13 23:45:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.12 10:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.03.08 23:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.06 20:21:31 | 011,941,376 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtsg64.cpl
[2013.03.06 20:21:31 | 004,637,184 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2013.03.06 20:21:31 | 000,442,368 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2013.03.06 20:21:31 | 000,162,816 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2013.03.06 20:21:31 | 000,068,608 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2013.03.06 20:20:35 | 001,499,136 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2013.03.06 20:20:35 | 000,651,776 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2013.03.06 20:20:35 | 000,520,192 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2013.03.06 20:20:35 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2013.03.06 20:20:35 | 000,220,160 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646324.dll
[2013.03.06 20:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2013.03.06 14:13:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Synology Data Replicator 3
[2013.03.05 15:03:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Synology
[2013.03.05 15:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
[2013.03.05 15:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Synology
[2013.02.27 18:08:59 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 18:08:58 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 18:08:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 18:08:58 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 18:08:54 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 18:08:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 18:08:48 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 18:08:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 18:08:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 18:08:45 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 18:08:45 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 18:08:45 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 18:08:45 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 18:08:45 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 18:08:45 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 18:08:44 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 18:08:44 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 18:08:44 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 18:08:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 18:08:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 18:08:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 18:08:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 18:08:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 18:08:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 18:08:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 18:08:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 18:08:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 18:08:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 18:08:43 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 18:08:43 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 18:08:43 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 18:08:43 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 18:08:43 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 18:08:43 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 18:08:43 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 18:08:43 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 18:08:42 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 18:08:42 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 18:08:42 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 18:08:42 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 18:08:42 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.21 18:23:49 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\PCDr
[2013.02.21 18:23:47 | 000,000,000 | ---D | C] -- C:\temp
[2013.02.21 12:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.21 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.21 12:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.21 12:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.21 12:03:02 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Laptop\Desktop\*.tmp files -> C:\Users\Laptop\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.20 19:51:41 | 001,621,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.20 19:51:41 | 000,700,418 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.20 19:51:41 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.20 19:51:41 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.20 19:51:41 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.20 19:45:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.20 19:44:37 | 001,641,654 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.20 19:38:20 | 503,212,666 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.20 19:38:17 | 2066,518,015 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.20 17:11:26 | 095,023,320 | ---- | M] () -- C:\ProgramData\6281442.pad
[2013.03.20 17:11:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.20 17:06:17 | 000,000,153 | ---- | M] () -- C:\ProgramData\6281442.reg
[2013.03.20 17:06:17 | 000,000,061 | ---- | M] () -- C:\ProgramData\6281442.bat
[2013.03.20 17:06:16 | 000,001,041 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013.03.20 17:06:07 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Users\Laptop\2441826.dll
[2013.03.20 10:50:19 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.20 10:50:19 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 10:26:14 | 002,689,084 | ---- | M] () -- C:\Users\Laptop\Desktop\zatw.2000.112.3.396.pdf
[2013.03.19 09:35:01 | 000,000,438 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013.03.14 18:53:36 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.14 18:53:35 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.03.14 18:53:35 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.14 18:53:35 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.14 18:53:35 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.14 18:53:34 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.03.14 15:15:03 | 001,125,848 | ---- | M] () -- C:\Users\Laptop\Desktop\HEBAI-Probeheft-1-2012.pdf
[2013.03.14 12:09:23 | 000,001,056 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2013.03.13 14:11:09 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 14:11:09 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.06 14:13:58 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\Synology Data Replicator 3.lnk
[2013.03.06 09:51:26 | 004,649,924 | ---- | M] () -- C:\Users\Laptop\Desktop\Syno_UsersGuide_NAServer_deu.pdf
[2013.03.05 15:03:00 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\Synology Assistant.lnk
[2013.02.21 12:03:15 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.20 19:52:42 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Laptop\Desktop\*.tmp files -> C:\Users\Laptop\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.03.20 18:35:41 | 503,212,666 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.03.20 17:06:17 | 000,000,153 | ---- | C] () -- C:\ProgramData\6281442.reg
[2013.03.20 17:06:17 | 000,000,061 | ---- | C] () -- C:\ProgramData\6281442.bat
[2013.03.20 17:06:16 | 000,001,041 | ---- | C] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013.03.20 17:06:09 | 095,023,320 | ---- | C] () -- C:\ProgramData\6281442.pad
[2013.03.19 10:26:13 | 002,689,084 | ---- | C] () -- C:\Users\Laptop\Desktop\zatw.2000.112.3.396.pdf
[2013.03.14 15:15:03 | 001,125,848 | ---- | C] () -- C:\Users\Laptop\Desktop\HEBAI-Probeheft-1-2012.pdf
[2013.03.06 14:13:58 | 000,000,956 | ---- | C] () -- C:\Users\Public\Desktop\Synology Data Replicator 3.lnk
[2013.03.06 09:51:25 | 004,649,924 | ---- | C] () -- C:\Users\Laptop\Desktop\Syno_UsersGuide_NAServer_deu.pdf
[2013.03.05 15:03:00 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\Synology Assistant.lnk
[2013.02.21 12:03:15 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.20 19:50:20 | 000,000,866 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2012.12.14 18:48:50 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.28 15:43:12 | 000,000,830 | ---- | C] () -- C:\Windows\wiso.ini
[2012.07.02 14:30:55 | 000,001,056 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012.06.27 16:29:04 | 000,007,609 | ---- | C] () -- C:\Users\Laptop\AppData\Local\Resmon.ResmonCfg
[2012.06.26 17:41:51 | 001,982,464 | ---- | C] () -- C:\Windows\SysWow64\bwbits70.dll
[2012.06.26 15:20:33 | 007,533,568 | ---- | C] () -- C:\Windows\SysWow64\bwbits80.dll
[2012.06.26 15:20:33 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\patchw32.dll
[2012.06.26 15:20:33 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\patchw.dll
[2012.06.26 15:20:33 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\bwplay.exe
[2012.06.26 15:20:33 | 000,058,280 | ---- | C] () -- C:\Windows\SysWow64\bwntsend.dll
[2012.06.26 15:20:33 | 000,058,280 | ---- | C] () -- C:\Windows\SysWow64\bwnthook.dll
[2012.06.26 15:20:33 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2012.06.25 13:27:14 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI
[2012.06.25 13:23:37 | 000,057,344 | R--- | C] () -- C:\Windows\CTREBOOT.EXE
[2012.06.24 07:29:06 | 000,003,584 | ---- | C] () -- C:\Users\Laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.23 14:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012.06.23 14:35:11 | 000,316,928 | ---- | C] () -- C:\Windows\SysWow64\hpcc3118.dll
[2012.03.29 06:42:34 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.29 06:42:30 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.29 06:42:24 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.29 06:42:17 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.03.29 06:42:08 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.03.29 05:53:53 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2012.03.29 05:53:35 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.03.29 05:53:14 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2012.03.29 05:50:05 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\instsrv.exe
[2012.03.29 05:50:05 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Code:
OTL Extras logfile created on: 20.03.2013 19:52:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 6,88 Gb Available Physical Memory | 87,13% Memory free
15,80 Gb Paging File | 14,81 Gb Available in Paging File | 93,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464,98 Gb Total Space | 331,49 Gb Free Space | 71,29% Space Free | Partition Type: NTFS
Drive E: | 980,28 Mb Total Space | 919,02 Mb Free Space | 93,75% Space Free | Partition Type: FAT
Drive O: | 298,01 Gb Total Space | 164,93 Gb Free Space | 55,34% Space Free | Partition Type: FAT32
Computer Name: LAPTOP-PC | User Name: Laptop | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-1825897433-1590765505-2489730031-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" =
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)
"9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)
"9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)
"9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)
"9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)
"9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)
"9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)
"9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)
"9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)
"9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)
"9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)
"9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)
"8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)
"10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)
"9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)
"3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp
"3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)
"9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)
"9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)
"9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)
"9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)
"9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)
"9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)
"9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)
"9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)
"9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)
"9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)
"9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)
"8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)
"10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)
"9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)
"3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp
"3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097D1238-3F27-4225-9034-96E15F0EEF58}" = rport=10243 | protocol=6 | dir=out | app=system |
"{18B28607-3A87-4EA4-8A4F-B7C81D810B74}" = rport=138 | protocol=17 | dir=out | app=system |
"{1C380364-14E6-4E40-949A-E3926EAD0908}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28CF1430-8F66-44BB-BFC0-77EE0A740C4D}" = rport=139 | protocol=6 | dir=out | app=system |
"{2BF0389A-E004-4ACD-B1E5-F48B4C728B0B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2E70C2A7-1C0D-4898-B049-5747F0BF2035}" = lport=138 | protocol=17 | dir=in | app=system |
"{36EA6242-6FE6-4F1E-9DA3-72C4948097D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51404974-B233-4137-885D-E11E8CEC6733}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5269AE04-00D1-435C-B853-0E4F65AC5287}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{65B8DC1A-44EC-4981-BC1E-D494972D20A0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6AFFCC3C-1EFF-4491-9B31-73F2009B70F7}" = rport=137 | protocol=17 | dir=out | app=system |
"{6C6BA696-3DBC-47C2-87A5-8AE184378DA8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6F011672-DDDA-4C37-92EE-3734E500D3C5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{822445B2-DA0D-49CE-9A67-B025CE71E990}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{869A650B-13F6-4AFA-AE1A-9CBF62BDD09C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{89D37D50-D310-41D1-975B-98116C37F906}" = lport=139 | protocol=6 | dir=in | app=system |
"{8B6E9E13-09A6-4BF9-9557-A986B15B6255}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99C854EC-B667-40BD-8D73-915FC48EE76F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9A961127-DA3C-4153-A0DC-F06AD4CE1C48}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3A67626-282C-44A1-98B1-8FCE6D0389C4}" = rport=445 | protocol=6 | dir=out | app=system |
"{B0014023-0105-41DC-BBBC-4F678445871A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BDE05ED0-A2ED-4BF9-B9BB-F897DBADBF68}" = lport=161 | protocol=6 | dir=in | name=advanced tcp/ip snmp port |
"{C459E63F-971B-4178-9175-ACC2D89F7320}" = lport=9100 | protocol=6 | dir=in | name=advanced tcp/ip printer port |
"{C827EB66-F42F-4B66-A6E7-9AD919EECD31}" = lport=445 | protocol=6 | dir=in | app=system |
"{D109FD07-DC4A-43AE-846B-8FF4162017F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DE75B842-3C65-4824-BD35-248FD1CB584B}" = lport=137 | protocol=17 | dir=in | app=system |
"{E7C03E32-45B8-44A4-AD1A-9CEB7C8EC83F}" = lport=427 | protocol=6 | dir=in | name=advanced tcp/ip slp port |
"{EB014590-5329-40F3-8598-57E308152238}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1940D33-A03B-46CE-87D7-0879150E15D1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011B08D9-0D6F-4F7A-8D3F-1E0E75A7F2BB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{0331334E-C21A-4556-B827-2AB9A5251B71}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{06271F45-2AF1-4FED-9EA7-D7E5DBF4371A}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe |
"{07E841FB-8F9F-4B39-ADD8-BA5214BF108C}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe |
"{0FA84872-7B0C-480A-9B8C-1282703C2EE6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10502024-2FEF-43F7-A711-AD6700B1D8C5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{11B68D7F-020C-4848-A9AA-019F6273D04B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{156754AC-BA19-4E88-9A18-9D638109CA28}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1B5ED085-C3E9-4EAE-BF5F-082E7256F3E2}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\local\temp\7zs334e\easyinst64.exe |
"{25D3B40D-482A-48B8-A1AA-914F136C73C5}" = protocol=6 | dir=out | app=system |
"{25F5F877-05B5-46D7-961C-89900F432629}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2BE35DFE-90EC-4ADF-8216-E5E7A2355F41}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{363CFFFE-99BF-41E2-B37B-9322922752CA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{36A87D31-095B-442B-958E-5527E4811678}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{38DAC988-C1F6-4F16-8D9F-BED51BC2F5F1}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe |
"{3B6ED2D3-9C86-42F0-807D-20F9023D3357}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{41AE7E49-24C4-40C8-90BA-E00917A3AB38}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{475A8F1C-4BF8-4A4F-B1DD-C4EF758F97DB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4847C4FC-4206-401B-8084-5FADD02989B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58EDBC7D-13D1-4292-8786-C87E94F7055E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{59311BD4-EDFC-443F-A435-E55E057AB2D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A8064CF-6FD7-4388-B82E-D4E30EFD3DB9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{5AC48674-F140-45EF-9358-7BF7378CEACD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{5EF5041B-7B45-46AA-807D-3A8BE46BA699}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{60054B78-6ADF-49CF-9B72-86143C7C665E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{64A740B0-FD59-424D-A0DA-E4F5B9BE45E9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{697076BF-DE62-4BDF-8398-8195651FF553}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6A7DC857-8A22-4FD9-AB84-42BD5403F71D}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe |
"{70EBEA62-5430-4E7D-8893-3894A4E33E99}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BF02339-CAF3-4A11-A615-9C1057560AA6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{8415FE27-0C76-4DF7-8654-DEC9B849C3AB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{880E4E7E-CB3E-4AD7-8A51-9F3D5F80CF76}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{896FA209-800E-4A19-9FBB-A3CA297B4698}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{91E5C2E0-8868-4C70-98EC-4967696FC4FA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{AC79D65E-A69A-48FB-8328-E6CE8C3C14DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B26DE176-8703-486C-8E8A-5CF9E0B858D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B9280930-F298-40C9-9640-F603A689EBE0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B98C0AC4-F3E9-41FC-B3C6-8C5238B1E3E2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BC7FE536-3996-4123-AEC6-2DC42EED43B2}" = dir=in | app=c:\program files (x86)\squeezebox\server\squeezesvr.exe |
"{BD1FD318-65DF-46BE-8596-072CE9822B46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BDE1AF39-EE28-4146-8951-E68142915651}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{BF1A0EBC-5A4C-44C1-8B1C-8D41CA5485A8}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{C0B9C138-F413-411B-8F17-D7CF3B38EABD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D3D8F99A-87BA-4156-8FBF-B9590108B0DB}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\local\temp\7zs334e\easyinst64.exe |
"{D67EFF67-73DD-4118-9AFD-92FCA37F134A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{D784981C-1F16-46D0-8C83-530C9EE7BB2C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{D8D53F46-A6E0-448F-B1DF-6C4A2508BF85}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DD41961C-31B7-492F-8B0A-67319DF33543}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DF3B97B3-4C0D-4A64-AAFD-D33D837107FB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F9802446-8F19-4CFA-A9DF-BC7002B5BA80}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{31CB3BD8-C42C-40E5-91AE-3ECB490207FF}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"TCP Query User{5F56E808-0DC8-4DEB-B838-3679CE5C5B9C}C:\program files (x86)\phoner\phoner.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"TCP Query User{60C6F678-AD12-46D1-AB7C-2CFF845336B9}C:\windows\syswow64\msiexec.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"TCP Query User{AD58B8A7-25BE-45F6-9FA9-7953E35FCEDA}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{FA702204-3AFB-4845-95EC-7CB7BC97086A}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 11\nero backitup\backitup.exe |
"UDP Query User{782DD7B7-5CE9-42D3-8BBA-9FF44081B938}C:\windows\syswow64\msiexec.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"UDP Query User{7A919106-964E-4C54-B274-036FBD327B3B}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"UDP Query User{8C187257-BD88-4E91-85C7-E0B1AB110D12}C:\program files (x86)\phoner\phoner.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"UDP Query User{A6AB4DEF-D55B-4932-884E-753076EAC51F}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 11\nero backitup\backitup.exe |
"UDP Query User{CFD0A0E3-05A6-4837-BC2E-360D4C854E6C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0335701D-8E28-4A7F-B0EF-312974755BB2}" = Modem Diagnostic Tool
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software Installer
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{2EECD5EF-5095-467C-B80C-4AB3096EFD60}" = SPBA 5.9
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}" = PC-CCID
"{414B7B9C-B353-4821-9393-78AE034079E7}" = NTRU TCG Software Stack
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4C1CCA11-0D08-4D5E-8444-2D9FB48BCABF}" = Intel(R) PROSet/Wireless WiFi-Software
"{4E60E212-3177-4B16-BCB3-616CCC52357D}" = Upek Touchchip Fingerprint Reader
"{560DCF39-61D1-43B0-86DA-5EFF8F7A5144}" = AuthenTec Fingerprint Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{627673ff-f4ea-43fd-893d-28fc6176fb2d}" = Gigaset QuickSync
"{64973F6A-8754-43D1-BDD0-FC6F0546347B}" = Broadcom NetXtreme-I Netlink Driver and Management Installer
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6AC87FB3-ACFC-4416-890C-8976D5A9B371}" = Trusted Drive Manager
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}" = Custom
"{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"{777FF553-493D-4068-BAC7-EE2D73DB7434}" = Wave Infrastructure Installer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}" = Dell Feature Enhancement Pack
"{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}" = BioAPI Framework
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BC741628-0AFC-405C-8946-DD46D1005A0A}" = 64 Bit HP CIO Components Installer
"{C4852924-8548-4FA6-A822-5B3840C5E0E7}" = Biblical Hebrew (SIL)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E2A59F15-F731-4062-9BB7-3C99D8F15756}" = HP Scanjet G3010
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}" = DellAccess
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"ProInst" = Intel PROSet Wireless
"VLC media player" = VLC media player 2.0.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB3B7EE-52C7-4136-AF40-605567D90318}" = O2Micro Flash Memory Card Windows Driver
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27E3BC84-8151-4F76-9D53-A810394CADAC}" = hpg3010
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}" = Dell Client System Update
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}" = Dell Data Protection | Access | Drivers
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F88C5CF-AB12-4FC1-AA10-AF11CCA9BC7E}" = WordPerfect Office X3
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience)
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{810B7362-6B05-4714-AF6A-EF3A20CCD634}" = Nero 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}" = Dell Data Protection | Access | Middleware
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator 3
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.STANDARD_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.STANDARD_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.STANDARD_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.STANDARD_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.STANDARD_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E0955-C67C-474C-8D4E-63C23E93C13A}" = BibleWorks 7
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A7D91856-258D-4C87-8041-B170851CE432}" = Dell Data Protection | Access
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B038A58E-EAF0-44CB-ADCA-3895ECD0812D}" = BibleWorks 8
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Dell Webcam Central" = Dell Webcam Central
"InstallShield_{0CB3B7EE-52C7-4136-AF40-605567D90318}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.51
"Office14.STANDARD" = Microsoft Office Standard 2010
"Synology Assistant" = Synology Assistant (remove only)
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite" = Windows Live Essentials
"XSManager" = XSManager
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.03.2013 16:00:12 | Computer Name = Laptop-PC | Source = BackItUp6 | ID = 3374
Description =
Error - 01.03.2013 18:16:49 | Computer Name = Laptop-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.03.2013 02:47:38 | Computer Name = Laptop-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.03.2013 04:01:18 | Computer Name = Laptop-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.03.2013 05:37:41 | Computer Name = Laptop-PC | Source = Application Hang | ID = 1002
Description = Programm WINWORD.EXE, Version 14.0.6129.5000 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1b34 Startzeit: 01ce1729733f2e43 Endzeit: 0 Anwendungspfad:
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE Berichts-ID: cefb79fa-831c-11e2-a7dc-c01885d7c60a
Error - 03.03.2013 16:00:04 | Computer Name = Laptop-PC | Source = BackItUp6 | ID = 6277
Description =
Error - 04.03.2013 06:21:34 | Computer Name = Laptop-PC | Source = BackItUp6 | ID = 3375
Description =
Error - 04.03.2013 06:21:34 | Computer Name = Laptop-PC | Source = BackItUp6 | ID = 3374
Description =
Error - 05.03.2013 04:41:48 | Computer Name = Laptop-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ATService.exe, Version: 8.4.4.20,
Zeitstempel: 0x4be85d08 Name des fehlerhaften Moduls: ATService.exe, Version: 8.4.4.20,
Zeitstempel: 0x4be85d08 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000002b339
ID
des fehlerhaften Prozesses: 0x32c Startzeit der fehlerhaften Anwendung: 0x01ce197d3c453efd
Pfad
der fehlerhaften Anwendung: C:\Program Files\Fingerprint Sensor\ATService.exe Pfad
des fehlerhaften Moduls: C:\Program Files\Fingerprint Sensor\ATService.exe Berichtskennung:
83fa36a5-8570-11e2-9bcd-c01885d7c60a
Error - 05.03.2013 04:41:48 | Computer Name = Laptop-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 20.03.2013 14:39:08 | Computer Name = Laptop-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.03.2013 14:39:08 | Computer Name = Laptop-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.03.2013 14:39:08 | Computer Name = Laptop-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.03.2013 14:40:09 | Computer Name = Laptop-PC | Source = DCOM | ID = 10005
Description =
Error - 20.03.2013 14:40:09 | Computer Name = Laptop-PC | Source = DCOM | ID = 10005
Description =
Error - 20.03.2013 14:40:10 | Computer Name = Laptop-PC | Source = DCOM | ID = 10005
Description =
Error - 20.03.2013 14:40:09 | Computer Name = Laptop-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.03.2013 14:43:57 | Computer Name = Laptop-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.03.2013 14:44:59 | Computer Name = Laptop-PC | Source = DCOM | ID = 10005
Description =
Error - 20.03.2013 14:50:50 | Computer Name = Laptop-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
|
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.