
Pests of all kinds and how to combat them: Firewall cannot be turned on / no network access at all

09.08.2012, 09:56   #1
Dr.Dietz
 



Hello,
I'm slowly reaching my wits' end...

OS: Windows 7 Pro 64-bit


Problem: For the past 3 days I have had no access at all to the network / the network services. Wi-Fi networks are displayed, but with the note "Limited access".
The PC also cannot connect to the iPhone network (hotspot) --> in short, no Internet available at all, and the MS firewall is switched off and can no longer be switched on, neither automatically nor manually...

Antivirus: AntiVir Premium

Firewall: Microsoft (if it would only work)

I have run AntiVir Premium as well as EmsiSoft Antimalware and the Msert malware scanner from Microsoft, and last but not least S&D Spybot and HiJackThis....

HJT still classifies the following entry as harmful:

O10 - Broken Internet access because of LSP provider 'd:\programme\vsocklib.dll' missing


LSPFix doesn't really run, and I haven't managed to get rid of the message any other way either...



Attached is the scan evaluation with ODT: OTL logfile:
Code:
OTL logfile created on: 09.08.2012 11:04:43 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\AstaLaVista\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 78,01% Memory free
15,99 Gb Paging File | 13,46 Gb Available in Paging File | 84,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 189,19 Gb Total Space | 118,93 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
Drive D: | 52,92 Gb Total Space | 19,17 Gb Free Space | 36,24% Space Free | Partition Type: NTFS
Drive E: | 21,61 Gb Total Space | 6,14 Gb Free Space | 28,41% Space Free | Partition Type: NTFS
Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 5,30 Gb Total Space | 0,90 Gb Free Space | 17,07% Space Free | Partition Type: NTFS
Drive H: | 15,03 Gb Total Space | 3,31 Gb Free Space | 22,03% Space Free | Partition Type: FAT32
Drive M: | 141,19 Gb Total Space | 38,24 Gb Free Space | 27,09% Space Free | Partition Type: FAT32
 
Computer Name: ASTALAVISTA-PC | User Name: AstaLaVista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.09 10:36:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe
PRC - [2012.05.14 14:18:25 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.05.14 14:18:25 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.05.14 14:18:25 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.14 14:18:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.14 14:18:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.12 14:39:58 | 003,065,120 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.02.01 09:11:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 13:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.25 22:54:38 | 000,136,616 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
PRC - [2010.11.05 10:28:14 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
PRC - [2010.10.19 15:38:54 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
PRC - [2010.09.21 03:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2010.09.21 03:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2010.09.21 02:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2010.03.10 11:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2010.03.10 11:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lktsrv.exe
PRC - [2010.03.10 11:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lkads.exe
PRC - [2010.03.08 09:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\aol\1286106206\ee\aolsoftware.exe
PRC - [2009.12.09 22:12:50 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtWlan.exe
PRC - [2009.12.07 13:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe
PRC - [2009.10.20 11:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\nisvcloc.exe
PRC - [2009.09.29 13:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe
PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.01 09:12:34 | 000,423,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.02.01 09:12:32 | 000,058,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.02.01 09:12:30 | 000,272,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.02.01 09:12:30 | 000,095,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
MOD - [2012.02.01 09:12:14 | 000,384,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll
MOD - [2012.02.01 09:12:14 | 000,165,248 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll
MOD - [2012.02.01 09:12:12 | 010,843,520 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.02.01 09:12:12 | 002,557,312 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.02.01 09:12:12 | 000,346,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.02.01 09:12:08 | 001,294,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.02.01 09:12:08 | 000,196,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.02.01 09:12:06 | 000,919,936 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.02.01 09:12:06 | 000,682,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.02.01 09:12:06 | 000,517,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.02.01 09:12:04 | 008,172,928 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.02.01 09:12:04 | 002,252,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.02.01 09:12:02 | 002,288,512 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.02.01 09:12:00 | 000,422,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.02.01 09:11:56 | 000,202,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
MOD - [2012.02.01 09:11:56 | 000,034,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
MOD - [2012.02.01 09:11:54 | 000,032,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
MOD - [2012.02.01 09:11:36 | 000,388,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll
MOD - [2012.02.01 09:11:28 | 000,437,632 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012.02.01 09:11:18 | 001,037,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll
MOD - [2012.02.01 09:10:52 | 000,758,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.01.05 15:19:12 | 000,112,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.12.14 13:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.05 01:23:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.14 14:18:25 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.05.14 14:18:25 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.05.14 14:18:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.14 14:18:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.12 14:39:58 | 003,065,120 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.14 13:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.14 13:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.05.25 22:54:38 | 000,136,616 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010.11.05 10:28:14 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe -- (Lexware_Datenbank_Plus)
SRV - [2010.09.21 03:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010.09.21 03:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2010.09.21 02:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010.05.17 19:18:44 | 001,007,616 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 11:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2010.03.10 11:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync)
SRV - [2010.03.10 11:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds)
SRV - [2009.12.07 13:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2009.10.20 11:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nisvcloc.exe -- (niSvcLoc)
SRV - [2009.09.29 13:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.12.17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007.01.11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.14 14:18:25 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.14 14:18:25 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.11.03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.11.03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.11.01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.11.01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.08.02 18:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.03.18 13:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.18 13:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.20 20:05:18 | 000,014,592 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.09.21 03:43:06 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2010.09.21 03:43:00 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2010.09.21 03:41:08 | 000,031,792 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2010.09.21 03:40:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2010.09.21 02:42:38 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2010.09.21 00:18:14 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2010.09.21 00:18:14 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2010.09.21 00:18:14 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2010.09.07 08:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2010.03.09 12:09:32 | 000,676,864 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192su.sys -- (RTL8192su)
DRV:64bit: - [2010.01.14 14:27:46 | 000,032,544 | R--- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010.01.14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010.01.14 14:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009.08.24 00:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.11.30 00:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw)
DRV - [2012.03.25 21:21:09 | 000,063,880 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc)
DRV - [2012.03.25 21:21:06 | 000,041,728 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2011.11.08 22:25:24 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.05.25 22:52:56 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2010.09.07 08:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2010.05.05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 54 B1 1A D7 3C CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=19948&mntrId=6483418f000000000000000cf689a74ba74b
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7B5057B6-7C53-49CE-B86D-B948E4930454}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_3.6@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2012.04.17 21:39:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.15 23:01:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.16 10:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.04.17 21:39:31 | 000,000,000 | ---D | M]
 
[2012.07.22 16:00:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Extensions
[2012.07.22 16:00:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.08.07 12:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Firefox\Profiles\i5dygax2.default\extensions
[2011.07.26 13:30:48 | 000,000,000 | ---D | M] (Aardvark) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Firefox\Profiles\i5dygax2.default\extensions\aardvark@rob.brown
[2012.08.07 12:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.06.01 12:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.06.05 09:48:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.17 09:41:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.07.16 10:07:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2008.12.10 15:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll
[2010.10.19 19:15:20 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll
[2011.12.14 19:07:43 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.07.20 16:09:25 | 000,002,291 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.12.14 19:07:43 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.14 19:07:43 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.14 19:07:43 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.14 19:07:43 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1286106206\ee\AOLSoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [NI Background Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\niupdate.exe (National Instruments)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\AstaLaVista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - DD:\Programme\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - DD:\Programme\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C673113-BB8E-4CF5-9F28-2F0DD534FC88}: DhcpNameServer = 192.168.1.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B51B878-A5A1-4291-B0E5-15445FF1C9E5}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9BF99A1-D919-42FA-B5F7-93C6180B8D1B}: DhcpNameServer = 192.168.1.1 192.168.2.1
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.15 21:39:51 | 000,000,122 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.10.26 21:34:30 | 000,001,813 | ---- | M] () - G:\Automation License Manager.lnk -- [ NTFS ]
O32 - Unable to obtain root file information for disk H:\
O32 - AutoRun File - [2009.06.29 10:50:56 | 000,000,000 | ---- | M] () - M:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{9076c8ff-11a3-11e0-afd5-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{9076c8ff-11a3-11e0-afd5-005056c00008}\Shell\AutoRun\command - "" = K:\KODAK_Software_Downloader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.09 11:04:31 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe
[2012.08.09 00:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.09 00:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.09 00:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.08.09 00:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.08.09 00:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.08.09 00:10:43 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\backups
[2012.08.09 00:02:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\AstaLaVista\Desktop\HiJackThis204.exe
[2012.07.24 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler
[2012.07.22 16:00:46 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\AppData\Roaming\Haufe Mediengruppe
[2012.07.22 16:00:46 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\AppData\Local\Haufe Mediengruppe
[2012.07.21 12:33:58 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815
[2012.07.20 23:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Haufe
[2012.07.20 23:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haufe
[2012.07.20 23:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2012.07.20 22:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DownloadManager
[2012.07.20 20:07:21 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\TAXMAN 2012
[2012.07.17 15:28:11 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\IMG_1073
[2012.07.16 10:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.07.16 10:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.07.13 21:01:27 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012)
[2012.07.12 19:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012.07.12 19:47:28 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7
[2012.07.12 13:56:10 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\p1locStarzik
[3 C:\Users\AstaLaVista\Documents\*.tmp files -> C:\Users\AstaLaVista\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.09 10:36:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe
[2012.08.09 10:23:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.09 09:36:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.09 02:00:02 | 000,018,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.09 02:00:02 | 000,018,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.09 01:52:02 | 2146,000,895 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.09 00:51:31 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.09 00:23:34 | 000,001,258 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Spybot - Search & Destroy.lnk
[2012.08.08 23:58:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\AstaLaVista\Desktop\HiJackThis204.exe
[2012.08.08 22:43:03 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.08.08 22:43:03 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.08.08 22:41:13 | 000,007,132 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Windows-Kompatibilitätsbericht.htm
[2012.08.08 01:09:52 | 001,984,382 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.08 01:09:52 | 000,833,142 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.08 01:09:52 | 000,776,498 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.08 01:09:52 | 000,202,846 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.08 01:09:52 | 000,169,058 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.07 00:34:40 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.08.07 00:25:53 | 001,730,354 | ---- | M] () -- C:\Users\AstaLaVista\Documents\Anmeldung_Fortbildungspruefung.pdf
[2012.08.05 11:21:24 | 000,026,849 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\6-schuljahr,-schuelerband.jpg
[2012.07.25 20:16:37 | 000,382,898 | ---- | M] () -- C:\Users\AstaLaVista\Documents\TAXMAN_2012_Dasi.zip
[2012.07.24 10:08:01 | 003,762,774 | ---- | M] () -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler.zip
[2012.07.23 16:12:38 | 001,453,631 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Contract Vertrag Holiday Frankreich001.jpg
[2012.07.21 12:33:58 | 000,767,279 | ---- | M] () -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815.zip
[2012.07.21 11:11:50 | 000,019,863 | ---- | M] () -- C:\Users\AstaLaVista\Documents\IhreRetoure6510214669.pdf
[2012.07.21 00:24:33 | 000,002,669 | ---- | M] () -- C:\Users\Public\Desktop\TAXMAN 2012.lnk
[2012.07.20 23:32:38 | 000,002,319 | ---- | M] () -- C:\Users\Public\Desktop\TAXMAN Bibliothek 2012.lnk
[2012.07.19 20:42:52 | 000,012,750 | ---- | M] () -- C:\Users\AstaLaVista\Documents\=windows-1250QBank=E4nderung=2EPDF=
[2012.07.19 16:45:13 | 000,012,750 | ---- | M] () -- C:\Users\AstaLaVista\Documents\Kennwort.pdf
[2012.07.19 13:46:15 | 002,268,071 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\diego001.jpg
[2012.07.17 15:57:56 | 001,199,146 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung002.jpg
[2012.07.17 15:52:35 | 001,211,176 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung001.jpg
[2012.07.17 15:28:11 | 002,132,203 | ---- | M] () -- C:\Users\AstaLaVista\Documents\IMG_1073.zip
[2012.07.13 21:01:27 | 000,379,198 | ---- | M] () -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012).zip
[2012.07.12 19:47:15 | 005,294,566 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7.zip
[2012.07.12 13:56:10 | 002,001,415 | ---- | M] () -- C:\Users\AstaLaVista\Documents\p1locStarzik.zip
[3 C:\Users\AstaLaVista\Documents\*.tmp files -> C:\Users\AstaLaVista\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.09 00:51:31 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.09 00:23:34 | 000,001,258 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Spybot - Search & Destroy.lnk
[2012.08.08 22:41:14 | 000,007,132 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Windows-Kompatibilitätsbericht.htm
[2012.08.07 00:25:35 | 001,730,354 | ---- | C] () -- C:\Users\AstaLaVista\Documents\Anmeldung_Fortbildungspruefung.pdf
[2012.08.05 11:21:24 | 000,026,849 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\6-schuljahr,-schuelerband.jpg
[2012.07.24 10:07:15 | 003,762,774 | ---- | C] () -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler.zip
[2012.07.23 16:12:37 | 001,453,631 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Contract Vertrag Holiday Frankreich001.jpg
[2012.07.22 18:26:28 | 000,382,898 | ---- | C] () -- C:\Users\AstaLaVista\Documents\TAXMAN_2012_Dasi.zip
[2012.07.21 12:33:49 | 000,767,279 | ---- | C] () -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815.zip
[2012.07.21 11:11:49 | 000,019,863 | ---- | C] () -- C:\Users\AstaLaVista\Documents\IhreRetoure6510214669.pdf
[2012.07.20 23:32:38 | 000,002,319 | ---- | C] () -- C:\Users\Public\Desktop\TAXMAN Bibliothek 2012.lnk
[2012.07.20 23:31:39 | 000,002,669 | ---- | C] () -- C:\Users\Public\Desktop\TAXMAN 2012.lnk
[2012.07.19 20:42:51 | 000,012,750 | ---- | C] () -- C:\Users\AstaLaVista\Documents\=windows-1250QBank=E4nderung=2EPDF=
[2012.07.19 16:45:13 | 000,012,750 | ---- | C] () -- C:\Users\AstaLaVista\Documents\Kennwort.pdf
[2012.07.19 13:45:57 | 002,268,071 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\diego001.jpg
[2012.07.17 15:57:55 | 001,199,146 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung002.jpg
[2012.07.17 15:52:35 | 001,211,176 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung001.jpg
[2012.07.17 15:27:49 | 002,132,203 | ---- | C] () -- C:\Users\AstaLaVista\Documents\IMG_1073.zip
[2012.07.13 21:01:22 | 000,379,198 | ---- | C] () -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012).zip
[2012.07.12 19:47:14 | 005,294,566 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7.zip
[2012.07.12 13:55:49 | 002,001,415 | ---- | C] () -- C:\Users\AstaLaVista\Documents\p1locStarzik.zip
[2012.06.16 20:43:00 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.06.16 20:43:00 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.06.16 20:41:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.16 20:41:48 | 000,032,497 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.06.16 15:09:23 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.06.16 15:09:23 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.04.14 23:10:28 | 000,003,997 | ---- | C] () -- C:\Windows\scad3.INI
[2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.02.27 10:41:52 | 000,202,240 | ---- | C] () -- C:\Windows\SysWow64\LXPrnUtil10.dll
[2012.02.27 10:40:44 | 000,304,128 | ---- | C] () -- C:\Windows\SysWow64\LxDNT100.dll
[2012.02.27 10:38:36 | 000,133,120 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvmc100.dll
[2012.02.27 10:38:18 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvm100.dll
[2011.12.05 21:54:43 | 000,001,125 | ---- | C] () -- C:\Users\AstaLaVista\Dokumente - Verknüpfung.lnk
[2011.11.10 23:06:31 | 000,000,017 | ---- | C] () -- C:\Users\AstaLaVista\AppData\Local\resmon.resmoncfg
[2011.09.03 13:19:30 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.08.09 12:48:39 | 000,000,153 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.08.05 23:17:56 | 000,009,216 | ---- | C] () -- C:\Users\AstaLaVista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.13 10:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll
[2011.05.13 10:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll
[2011.05.13 10:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll
[2010.10.13 20:58:31 | 001,961,340 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.03 23:46:25 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.03 23:46:25 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT
[2010.10.03 13:19:08 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.10.03 13:07:44 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
 
========== LOP Check ==========
 
[2012.02.07 22:09:32 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Arduino
[2012.02.01 09:25:02 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Ashampoo
[2012.04.26 23:47:58 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Asxany
[2011.10.09 20:30:22 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\CadSoft
[2011.01.11 01:12:33 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Dev-Cpp
[2011.11.02 18:45:18 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\DVSE GmbH
[2011.10.09 12:02:29 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\EPSON
[2012.02.22 17:59:11 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Fritzing
[2011.01.08 14:38:25 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\GetRightToGo
[2012.07.22 16:00:46 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Haufe Mediengruppe
[2012.04.15 23:23:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\HeidiSQL
[2012.04.14 21:20:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\ibf
[2011.02.27 16:05:02 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\ImgBurn
[2010.10.10 01:23:01 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Leadertech
[2011.04.24 11:07:49 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\LEGO Media
[2011.08.09 17:13:59 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Lexware
[2012.04.14 23:07:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\LTC
[2012.01.15 19:51:50 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\National Instruments
[2012.04.18 08:29:10 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Nokia
[2011.09.23 19:55:34 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Nokia Ovi Suite
[2010.10.03 14:29:08 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\OpenOffice.org
[2010.10.03 13:53:50 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Opera
[2011.10.31 09:47:13 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Origin
[2012.04.27 15:03:22 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Oxota
[2011.09.23 19:59:54 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\PC Suite
[2010.12.27 13:49:19 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Skinux
[2011.11.25 00:04:35 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\TuneUp Software
[2012.03.23 21:52:21 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Ucoz
[2011.10.19 20:28:42 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Vocup
[2012.07.04 18:29:42 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:8FEEB0BF75CBDF76

< End of report >
         
--- --- ---




EXTRA.txt (OTL logfile):
Code:
OTL Extras logfile created on: 09.08.2012 11:04:43 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\AstaLaVista\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 78,01% Memory free
15,99 Gb Paging File | 13,46 Gb Available in Paging File | 84,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 189,19 Gb Total Space | 118,93 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
Drive D: | 52,92 Gb Total Space | 19,17 Gb Free Space | 36,24% Space Free | Partition Type: NTFS
Drive E: | 21,61 Gb Total Space | 6,14 Gb Free Space | 28,41% Space Free | Partition Type: NTFS
Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 5,30 Gb Total Space | 0,90 Gb Free Space | 17,07% Space Free | Partition Type: NTFS
Drive H: | 15,03 Gb Total Space | 3,31 Gb Free Space | 22,03% Space Free | Partition Type: FAT32
Drive M: | 141,19 Gb Total Space | 38,24 Gb Free Space | 27,09% Space Free | Partition Type: FAT32
 
Computer Name: ASTALAVISTA-PC | User Name: AstaLaVista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{121B05EA-49C6-4967-9F3D-A524738EF466}" = rport=445 | protocol=6 | dir=out | app=system | 
"{14FEF1B3-2D9B-448F-A41E-6AFF62B59048}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{181691D7-5AE6-46FE-BF0E-C43FB7B71441}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{1874E7EA-1607-4B25-850E-6ECD0CD5DAC0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{1DD3EC0F-BD8A-4A6F-BC57-C21EF8B3879F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3624DAE8-FF37-4C7D-82EA-648FA0DBC2F9}" = lport=137 | protocol=17 | dir=in | app=system | 
"{391362B2-1F70-42FA-9440-5A2812469572}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3A62F956-BC36-49FC-9064-161D7189F800}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3D06744D-A4B9-4E75-8684-2E2BA85A485E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3F5859A5-C564-4FE2-B357-A2DC48921FB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{45087C81-A404-48D8-9B40-92F45F9C99E0}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{460D1B51-F99C-4FDA-B1B8-E20D95C3547F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4FB320D4-B274-49A6-A559-B19C64E7A161}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5566E58E-3914-4B01-8EA3-5C1AE5F91CB8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{566E0AE6-8CF8-47C0-83FF-D18781E6A559}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5CD6E2F9-5B8F-4ACA-889D-BA6531BAD955}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{65434C8C-A0F2-4217-ADEE-1557F16DC364}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{66EC20EF-A4CC-439C-8EB9-BD49590C0ADB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6A382021-9F2A-47A1-A9BD-B635D4072249}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{6BFE4453-C2A1-41D0-AC9E-5CBCCEE2B967}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot | 
"{6D4A4710-6CD4-45CB-9614-D864D57F7A82}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot | 
"{75C91A0F-0134-4583-9CE9-FC92E879E9DA}" = lport=445 | protocol=6 | dir=in | app=system | 
"{92AD8858-CFED-4329-9D36-9799755982BD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9A08DFCC-E54B-408D-91C5-636A139C08C8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{AE21704A-4429-4FCF-9139-6E5F8061ACF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF15764C-8F60-403C-B3AB-9CD30860EC3F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BCC15698-6158-48C5-86C6-11C99129E656}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C380B045-5C9C-42BD-8C09-711DB5C1DE74}" = rport=137 | protocol=17 | dir=out | app=system | 
"{C8E45625-3429-4CEC-9AC0-582CEB84AB32}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E2C7DA95-B005-4AE4-9932-732E6337FDEF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E76BBDB2-D13F-4EC6-83D5-52A984DFBF02}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E92B02F8-1840-4FBA-92B5-6836D1C68476}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ED174098-656E-47BA-9815-B61E8EEE2688}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{FC4C24A8-F4D3-4A3F-AB14-90BABC935DF0}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0687B906-F5EF-4BED-AA23-C191D1CB5345}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | 
"{08618EC7-5913-4E8D-A940-B5C95D29723B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | 
"{086F28B8-BCE6-4E90-8555-4A53CC746BF8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | 
"{0D31A316-1819-4EBF-96ED-F919DA36D06B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1073BFDF-C7BB-410F-B430-8AD4D60E5FF8}" = protocol=6 | dir=in | app=c:\program files (x86)\sitecom\300n usb wireless lan utility\rtwlan.exe | 
"{12F4EB3F-D8C7-4F98-81F9-95CC09C87F50}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{17D818A1-C257-4267-B7DD-377B0D275634}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe | 
"{199B1715-D112-4EEA-9C58-3D30472B1FBE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | 
"{1D4AE342-80D3-42E4-B858-595B7283FF8C}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | 
"{213C0F9F-4976-4F42-9466-3FE092781E7E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe | 
"{22689738-C5B8-4E85-96F1-FD530363F8BD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{23818030-1F55-47CE-8851-009D176D0961}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe | 
"{324936A8-429B-497D-B357-15FD677ADAA2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe | 
"{352460CD-B631-421E-A098-923643EFB503}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3C9BD508-E308-4FBB-B73F-51D95BB5A569}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{40A7E5FF-0FA6-4D9D-BBE8-19DCFE2CA1EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{50445194-3CDE-4039-A336-0A4DF083F2D7}" = protocol=6 | dir=in | app=c:\program files (x86)\sybase\sql anywhere 9\win32\dbsrv9.exe | 
"{51C25E29-4B84-4024-B9DF-DA08BDFA557D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{51F13C9F-246A-4D72-AACB-EF49E44E0929}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{550F4015-14E7-425E-844E-79DAD94BF9B3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{56F96A08-B9DA-4A2B-8163-A440E36E68A5}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe | 
"{593928AD-9700-4AC4-A4BC-B6E217B0CA40}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe | 
"{6131ACA1-A7AA-4DB5-B5B1-3FB5DD6003D2}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{68D741D2-2331-48F1-A053-79C7BD5693F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6BEEA514-F9F6-4932-BB5A-D5AD0965DFB9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe | 
"{70A070B5-FB5C-4CE2-A289-3686835362FC}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | 
"{74183B9C-A223-4CA3-AA47-B2DBDA3080A9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{76A036E9-D3AE-4415-9D5B-5F719DCF277E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7C1C97BB-6027-4030-BBF3-6CD581DB7A6D}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{81E20C74-D38D-4899-AD64-04E92961BFA7}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{82835B4E-ACEF-42EA-B597-DC847FF8ED20}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{85F9DAF0-D1AF-46ED-AEAC-62CF20433928}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{92B897D7-9F1A-4879-BA54-8DC864394B16}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | 
"{93F57C00-4E0B-42CF-B0BC-4F771ED2DDC0}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe | 
"{A02F53C5-279C-42B7-BF58-9FCE52A8A50A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A252C970-ED17-44CB-94D4-5610EFB8C24C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{A3D152DE-8EFD-43D0-BA2E-A1F21FF148D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A64323F6-E23F-48A4-9E98-784969D28237}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{AB90F3DD-5CAA-4B53-B84B-17F6E3921693}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{AC59179E-A039-4E17-B3D8-9B3ADBA74C46}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{AF65953B-55E8-403B-BBE6-DC21022E522B}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe | 
"{B8097C66-BCA2-4B2D-8D92-2D417D0E5A82}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B84C5A9D-42E7-422F-8D8E-ABC8B81B16E2}" = protocol=17 | dir=in | app=c:\program files (x86)\sitecom\300n usb wireless lan utility\rtwlan.exe | 
"{BCF82093-781B-44A5-8D27-BC09047751B7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C5A59AB2-CCB4-4E92-A755-312A9148A2E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{C8B46F28-0DFF-426E-A407-3C0E9CD00FFC}" = protocol=17 | dir=in | app=c:\program files (x86)\sybase\sql anywhere 9\win32\dbsrv9.exe | 
"{C96B7694-73F5-4D27-BE7A-1B12AAB47D61}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CAED408A-4C77-44A0-B3D3-3183084F1725}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe | 
"{CBED26BD-4878-4BBF-9274-1506C9B94A95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D06D02E5-AFAF-4974-90F6-5731DA6BE7C2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{D17B905D-F362-4C53-B5F2-6E529146259F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe | 
"{D6AB1DAC-B40C-406F-8371-C840344CF0E5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{D6B63EE3-6CCF-41B6-83B6-96DE0423CA5B}" = protocol=6 | dir=out | app=system | 
"{E8FE35AE-A843-4F8F-986C-7C9D46DA871D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{EEE758CD-C96D-4DE2-8990-5780BD46724F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{F01121A6-AB7A-4174-A5DC-DBEC894CB93D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F40A0307-E4A1-4AA2-A624-232C557DA5D9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{F507F49F-1498-4417-AE63-1CAA2A933B42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F7AF57F2-F511-417C-8D3F-8D02D7575349}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FD8D08EB-BA43-4ED1-92E3-5C242C7AC5DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FDA0250C-43C9-4494-8AAE-363DAB8B6F8C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"TCP Query User{3E973B62-F048-4FCF-B46C-B0015C1A22A4}C:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe" = protocol=6 | dir=in | app=c:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe | 
"UDP Query User{7438D975-F806-45BB-9B0B-DE18A23FB3FB}C:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe" = protocol=17 | dir=in | app=c:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{21903252-3854-48D6-8F0C-F648CFA818C9}" = NI Help Assistant (64bit)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{3DD68F17-2C5D-49AC-9280-13C90FE19B71}" = NI Logos64 5.1.3
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit)
"{52167B0C-FB5D-43E7-BEC5-24EE6BEE2BA0}" = DVSE Updater
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62140B07-129A-2BD0-81D2-2A1A7408ADC8}" = ATI Catalyst Install Manager
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{945CF655-4A32-4667-B085-70A9D53C5A86}" = NI VC2008MSMs x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B092C4EE-F80B-48DD-B57D-C42B66543BE0}" = NI VC2005MSMs x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C342A5D7-9D75-4D37-879A-BAA68D168670}" = NI Logos64 XT Support
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{CA7DAF6F-D5F4-46FD-A824-7E0B472C3211}" = NI USI 1.7.0 64-Bit
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D8C0E5E1-3B66-465D-8F9B-F591F5CDA726}" = NI Trace Engine (64-bit)
"{E63A64BC-6458-432B-A5FA-A61BFD34EA6E}" = NI TDMS (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{0197D136-598D-4968-BEEA-91C1B764F05D}" = Lexware buchhalter 2012
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (JTLWAWI)
"{02B6E651-686D-4BCD-8A93-C07B01761745}" = NI Logos 5.1.3
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1
"{1923679F-C14B-4790-BC54-EFA3FCDE147B}" = Lexware Elster
"{1D081AB0-B1CC-11E0-80C0-005056B12123}" = Haufe iDesk-Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime
"{213B996A-A55B-4F9F-B897-2F8C4397EF97}" = WinFunktion Mathematik + 16
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2DBC8A34-0646-4F3D-B005-414E317FB281}" = NI Circuit Design Suite 11.0.2 Edu Licenses
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FFCCA65-E775-4636-8274-B382F72F6D24}" = Cadence Allegro Free Physical Viewers 16.5
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{37BC8FCE-15B1-456E-A62C-EEB175B71340}" = Lexware reisekosten plus 2011
"{3A05B900-A3E7-11DE-A9B7-005056806466}" = Google Earth
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{41A0986C-CED7-4C93-AFF2-DC8566253B7B}" = NI MetaSuite Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4FFBBF14-D82E-483D-8C1D-FCECAABD399E}" = NI LabWindows/CVI 9.0.1 Run-Time Engine
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{57B77060-04B4-468E-89A9-F68EEE466F57}" = NI USI 1.7.0
"{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo
"{5DC29616-B2BD-4E55-BDA1-AA81D30F83D5}" = LTpowerPlay
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{604D1BD4-7EE3-4704-8D53-0675FA94AE57}" = NI MDF Support
"{63E19B33-DD24-4EAB-9E77-6735C2171CE4}" = NI VC2005MSMs x86
"{644DAD90-2083-4871-BD49-721BF8FAE295}" = NI LabVIEW Run-Time Engine 8.6.1
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65246CE4-17F2-4896-8828-696086BED5F6}" = NI TDMS
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C520D64-E109-4A73-82A3-7808592051BC}" = NI Circuit Design Suite 11.0.2 Core
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7ACFB216-29F7-4331-A5ED-2563AEB51F21}" = NI Trace Engine
"{7BE5AA0C-E564-430F-B297-2B01121A1C5A}" = NI LabVIEW Real-Time NBFifo
"{7CD0F3A4-AA2F-4F6E-84F4-BFC2905D4BA3}" = NI EULA Depot
"{7FB64E72-9B0E-4460-A821-040C341E414A}" = ASUS Ai Charger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = Sitecom 300N USB Wireless LAN Driver and Utility
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3752527-E9F5-4EE5-9A09-D6582AFE1D35}" = NI Circuit Design Suite 11.0.2 Education
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009
"{B226F936-42E3-402E-8CF8-C1D92F255A17}" = NI Uninstaller
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BE95841B-D741-4B72-B79B-1EC61240F10E}" = NI Service Locator
"{C0FF3C38-FC96-4575-8A7B-89DDA3F9C79D}" = NI-Update-Dienst 1.1
"{C1C50448-C067-454A-80B2-334ECAC8F414}" = Lexware Admintools Plus
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF55EAB-5A2F-4A95-99D4-EF3E585F03FD}" = NI Logos XT Support
"{D34A78EB-78F2-48ab-8CAE-5D4DC255A491}" = Lexware reisekosten plus 2011
"{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services
"{D581FB60-4827-4AB0-9BF0-A1159C1D0579}" = NI License Manager
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DAD5AC93-8518-4F46-A5FE-E63FEE791B6F}" = AMD OverDrive
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DAF15921-FA90-4427-82A2-1852A9BAC99A}" = Lexware Datenbank plus 2011
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{DF344785-0900-471E-B9F5-6F28C89AF638}" = TAXMAN Bibliothek 2012
"{E37CCD6C-56C1-43C7-B2FA-24A32B6B09F7}" = NI Example Finder 9.0
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC8BF669-EFEA-40D9-8894-9074E407FC07}" = NI VC2008MSMs x86
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F11F2CA2-F45F-4CC2-8962-28A0F5DC625A}" = NI-Update-Dienst 1.1 Full
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{FA3FDB06-3368-4579-B2F2-5AE8AD6E7871}" = TAXMAN 2012
"{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine
"{FEFA778A-05D2-4D0F-80A3-7AE24B8161C0}" = NI LabVIEW Web Server for Run-Time Engine
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"bhv Schule total 2008/09 Starter" = bhv Schule total 2008/09 Starter
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup.divx.com" = DivX-Setup
"EAGLE 6.1.0" = EAGLE 6.1.0
"ELECTRA_is1" = ELECTRA 2.8
"EPSON Scanner" = EPSON Scan
"Flugzeuge bauen mit Willy Werkel_is1" = Flugzeuge bauen mit Willy Werkel
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"HeidiSQL_is1" = HeidiSQL 7.0.0.4053
"Kalo24 - der Freeware-Kaloreinexperte" = Kalo24 - der Freeware-Kaloreinexperte 1.0.0.0 
"LTspice IV" = LTspice IV
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"NI Uninstaller" = Software von National Instruments
"nLite_is1" = nLite 1.4.9.1
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.01.1532" = Opera 12.01
"Origin" = Origin
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"Target 3001! V15 discover" = Target 3001! V15 discover
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"ViewpointMediaPlayer" = Viewpoint Media Player
"VMware_Player" = VMware Player
"Vocup_is1" = Vocup 1.4.3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FIFA 11 Hybrid Gameplay Patch 3.0.4 AUTO INSTALL by Doctor+" = FIFA 11 Hybrid Gameplay Patch 3.0.4 AUTO INSTALL by Doctor+
"FoxTab PDF Converter" = FoxTab PDF Converter
"WinSetupFromUSB" = WinSetupFromUSB
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.08.2012 20:23:26 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10015
 
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11013
 
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11013
 
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12012
 
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12012
 
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13010
 
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13010
 
[ System Events ]
Error - 09.08.2012 05:10:32 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%0
 
Error - 09.08.2012 05:10:32 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
dienstspezifischem Fehler beendet: %%-1073741288.
 
Error - 09.08.2012 05:10:35 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%0
 
Error - 09.08.2012 05:10:35 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
dienstspezifischem Fehler beendet: %%-1073741288.
 
Error - 09.08.2012 05:10:38 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%0
 
Error - 09.08.2012 05:10:38 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
dienstspezifischem Fehler beendet: %%-1073741288.
 
Error - 09.08.2012 05:10:41 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%0
 
Error - 09.08.2012 05:10:41 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
dienstspezifischem Fehler beendet: %%-1073741288.
 
Error - 09.08.2012 05:10:44 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%0
 
Error - 09.08.2012 05:10:44 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
dienstspezifischem Fehler beendet: %%-1073741288.
 
 
< End of report >
         
--- --- ---


Nobody has any idea? Is it even a virus at all?

Edited by Dr.Dietz (09.08.2012 at 10:16)

15.08.2012, 15:43   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
I ran AntiVir Premium over it, as well as EmsiSoft Antimalware and the Msert malware scanner from Microsoft, and last but not least S&D Spybot
And where are the logs for those? Or were there no detections?
This isn't by any chance an office PC, i.e. a machine used mainly for business purposes, that we're dealing with here?