Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Danke, Republik Österreich ;-(

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.08.2012, 15:39   #1
Steirerbluat
 
Danke, Republik Österreich ;-( - Standard

Danke, Republik Österreich ;-(



Hallo Leute! War leider oder besser gesagt Gott sei Dank einige Monate nicht mehr online! Heute Vormittag hat's mich jedoch seit Monaten erwischt! Und zwar - Bundespolizeitrojaner der Republik Österreich! Als "nicht-Profi" war nun auch ich, so wie bereits anscheinend viele vor mir, vorerst ziemlich geschockt, doch Dank Google bin bereits auf einige Beiträge, unter anderem auch hier im Forum, gestoßen!
Als ersters hätte ich jetzt erstmal via Eingabeaufforderung bzw. "regedit" versucht den Infizierten Pfad manuell zu finden, leider negativ! Mit CCleaner und "Avira-Scan" hat sich bis dato auch nichts getan! Leider!
In weiterer Folge lässt mich Windows im Abges. Modus die Software für den Stick nicht öffnen, auch nicht im neu angelegten "Gast-Konto"!
Somit weiß ich als "Laie" nun nicht wie ich "ohne Internet" die empfohlene Malwarebytes Software downloaden kann!
Noch dazu muss ich berufsbedingt noch genau jetzt eine wichtige Arbeit schreiben! Genau jetzt! so, und nun sitz ich da mit meinem IPhone am Boden und wein wie ein kleiner Schlosshund! Hätt jemand eine Idee wie ich am Besten vorgehen könnte??? Herzlichen Dank schon mal im Voraus und lg aus Österreich!!

Alt 10.08.2012, 19:53   #2
t'john
/// Helfer-Team
 
Danke, Republik Österreich ;-( - Standard

Danke, Republik Österreich ;-(





Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:


Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.
  • Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt.
__________________

__________________

Alt 11.08.2012, 15:10   #3
Steirerbluat
 
Danke, Republik Österreich ;-( - Standard

Danke, Republik Österreich ;-(



Hy!
Danke vorerst für deine prompte Antwort und Hilfe!
Habs jetzt doch irgendwie geschafft, das Internet am Gastprofil zu aktivieren! Hab nun mit OTL gescannt wie es in der Anleitung steht, ich hoffe ich habs richtig gemacht, bzw. es ist vollständig! Es würde mich wahnsinnig freuen wenn ihr da was hilfreiches rauslesen könntet, bzw. ich diesen Miesling bald finden kann! ;-) Wie gesagt, anbei die Daten und nochmals herzlichen Dank inzwischen!OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11.08.2012 15:24:43 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Gast\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 45,00% Memory free
7,84 Gb Paging File | 5,54 Gb Available in Paging File | 70,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,66 Gb Total Space | 335,64 Gb Free Space | 73,66% Space Free | Partition Type: NTFS
Drive G: | 12,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: TAMARA-VAIO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOBUCH Software] -- "C:\Program Files (x86)\CEWE\CEWE FOTOBUCH Software\CEWE FOTOBUCH Software.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\CEWE\CEWE FOTOBUCH Software\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOBUCH Software] -- "C:\Program Files (x86)\CEWE\CEWE FOTOBUCH Software\CEWE FOTOBUCH Software.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\CEWE\CEWE FOTOBUCH Software\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0868A5B8-6015-4E44-9647-AD016072CF8A}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1365F75E-467A-4A44-9981-2694F6473FFD}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1402DD15-E651-4E58-B463-2C7B57CDDFD7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{159DC213-B94D-432C-89FF-DC6BF8E93351}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{427D21A2-5826-43BF-86D1-9AA18E3889D6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{48C5F2C8-5F9B-4BBD-B878-CDD826B5C3D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{49649D0E-512D-4806-9409-8714C32B0542}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5EA237A2-805D-4FD9-A2EF-128A42D24A40}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{65167D53-A141-4730-83AD-B9C013CD617A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{68F3DF22-61A6-4803-A0EE-D7BFC8B901F1}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{7382EB5E-BD5E-4FAE-916B-A79F7B763E06}" = lport=137 | protocol=17 | dir=in | app=system | 
"{739C4B01-5759-44C0-AB7E-F7941274F1A7}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7728389B-3CBD-481A-B3F0-32738F06EFDC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{77F218F0-4FCA-4506-B810-901AD033D813}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{87945C25-0EE7-4E23-96AA-48DC58340DFF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{91FDC1D8-6C54-430F-A87B-EFF062AFE025}" = rport=137 | protocol=17 | dir=out | app=system | 
"{9D109167-D049-4CAE-A29D-82DDA4B8503D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AF0533FC-BF06-43B7-BD2A-7A19FBBFDBA7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AF7AF868-C885-4952-877D-7827F561797A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF8E5269-0344-4C41-BFD1-449446A53881}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C54AAB43-C83F-4715-8FDB-0A3A8E750CCD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{CA9E6F2E-918D-4EF2-9C2A-B3EA17D367D9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CDE9FF93-C6D4-4779-9534-D4A3DB73F247}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E30F2F0D-5128-43D0-862D-B00B7382F1AA}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E3E28BB9-F150-42CB-9940-E7C9127E8CE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FAB40EC5-1007-46C8-A15E-832344FF001C}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04E279E1-19B7-463F-AB28-26F8E1249A0C}" = protocol=6 | dir=in | app=c:\program files (x86)\a1\a1 installer\a1_broadband_installer.exe | 
"{20276C0D-9E7A-4AE0-8058-4F7FDD99A2A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2E8D63B4-A5A3-4C90-8F16-B42E27DE28ED}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{30F6B868-0096-4F0C-AD68-6543B8290781}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxbvcoms.exe | 
"{385122E1-C92D-465A-BBEE-5B5F28575E14}" = protocol=17 | dir=in | app=c:\program files (x86)\a1\a1 installer\a1_broadband_installer.exe | 
"{38571F3D-31A3-4328-8105-2A7E36717D0F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{3F46B315-231B-447C-B6F4-66E4180E5380}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxbvcoms.exe | 
"{43746B63-2641-4D4F-BF69-C78C51F4167F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{4CC5BB10-B14A-4572-A9AE-7D571434821B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{50F206ED-1648-4DF4-80DE-2CC46258E409}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{61C5D9AF-657B-451A-A8EE-6338DBB10E1F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{6797E02A-F7D6-4CF2-8EB9-B2B3CD52F0E9}" = protocol=6 | dir=out | app=system | 
"{67BE339A-E579-49AE-9663-A9421F5CF7D2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{6ADB6FDD-D044-480C-A816-E23A4CB6925B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{6B9D0A3E-CA02-4397-9AFC-343EA85E5CC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{71808A1E-8782-47AA-B7A9-4A3FE39381D7}" = protocol=6 | dir=in | app=c:\program files (x86)\a1\a1 installer\a1_broadband_installer.exe | 
"{72FB24C7-B1A6-417C-830A-297F74D70128}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7850F3CF-FA98-47A0-B9FA-4603DD3A42C9}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{7DC8F032-5534-4D1B-A931-60D85ACCAA8A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7FE83FAF-35A2-47E2-8053-4594715991AB}" = protocol=17 | dir=in | app=c:\program files (x86)\a1\a1 installer\a1_mobile_installer.exe | 
"{85F27AA8-8D2B-4682-89F8-B3A41FDB285F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{8B98898C-5322-49FF-AB6F-71AC76D6E935}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | 
"{8FCF6E7A-B3C5-4E4F-B4CC-3AA4553529AB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{91B735C4-4922-4C64-B8F2-7FE5BA8C7678}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{94B8EDFF-A8A9-45E4-BE46-9ACB2578280F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9AD5198A-987B-46BB-A2AC-A89CC91C88E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9CC428FE-F437-4C3F-8120-CF6537516CA3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{A21977B7-BA8A-44AE-A30F-46F262AC7757}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{A45FECBA-EC65-4DE1-A65F-639474E48828}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{AB774C3C-1728-43D5-AB44-A81969B8FC16}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B483D4F9-4FE4-43FD-AE99-F77264E3EB71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C9F8CC6C-AD35-4BB8-A741-8D404AB71613}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CD0206E0-CFB3-4D4F-AE73-663730F34A33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CEF8AE77-B146-44F3-B517-4EAD9C946A6A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D401E6A2-7050-42C5-BC4B-0BC505F8ADE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DB6FE497-3923-4AB2-80B6-2399B9074EAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E0114F6D-5022-4E90-B069-6A00FA411B14}" = protocol=17 | dir=in | app=c:\program files (x86)\a1\a1 installer\a1_broadband_installer.exe | 
"{E543C71E-BEFB-4541-B486-BC033502ECCF}" = protocol=6 | dir=in | app=c:\program files (x86)\a1\a1 installer\a1_mobile_installer.exe | 
"{E71EC2DB-E1A2-460B-AFDA-39132C762AEE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{EAB5148C-2F7E-4A0E-9FDE-06B01FDC1F8D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F2DCEA2A-9186-4DF0-97E9-546BF755D668}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F7657CD7-C5EF-42D0-8A8A-2755AD101F9B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{F770FA6A-7731-456E-AD86-6D54D5FC473E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{F9FA9DBA-EF1C-440A-BFB0-6C5CB8413997}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FD797D24-78A5-46DB-9DF6-9077C395D498}" = protocol=58 | dir=in | app=system | 
"TCP Query User{5236DBE9-9CE2-42F3-AAB5-34A98784B749}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe | 
"UDP Query User{D32DEFFD-08C3-485F-938D-63DEBB426FD4}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 30
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{4767A89A-F6A5-41B1-903C-734483739882}" = Highspeed-Internet-Installation
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BE514E8-4486-4730-8B68-FA15EEDC942E}" = Watchtower Library 2011 - Deutsch
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FA63AA5-7138-4B6F-8404-F18835E2B8F4}" = Media Gallery
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AD976243-75CB-4A2B-809F-8C9EC4292377}" = Mobiles Internet für unterwegs
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AFFA5297-564F-404C-B9D9-CCFC78E4D405}" = A1 Breitband Unlimited Installer
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DD120B1C-AE3B-46B4-996F-665FD2720558}" = A1 Dashboard
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"3DataManager" = 3DataManager
"7-Zip" = 7-Zip 9.20
"A1 Breitband Unlimited Installer" = A1 Breitband Unlimited Installer
"A1 Dashboard" = A1 Dashboard
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aonUpdate" = aonUpdate
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MP550 series Benutzerregistrierung" = Canon MP550 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CEWE FOTOBUCH Software" = CEWE FOTOBUCH Software
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.5.3.920
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228
"Free Disc Burner_is1" = Free Disc Burner version 3.0.7.1228
"Free DVD Video Burner_is1" = Free DVD Video Burner version 3.1.3.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Google Chrome" = Google Chrome
"HappyFoto-Designer_is1" = HappyFoto-Designer 4.5
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Highspeed-Internet-Installation" = Highspeed-Internet-Installation
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"iLivid" = iLivid
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"MarketingTools" = VAIO Marketing Tools
"McAfee Security Scan" = McAfee Security Scan Plus
"Megavideo Video Downloader_is1" = Megavideo Video Downloader 3.17
"Mobiles Internet für unterwegs" = Mobiles Internet für unterwegs
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSC" = McAfee SecurityCenter
"Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VAIO Help and Support" = 
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-325514483-1365890552-4157495871-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-325514483-1365890552-4157495871-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.06.2012 21:08:58 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 13.06.2012 21:08:58 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 19668544
 
Error - 13.06.2012 21:08:58 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19668544
 
Error - 13.06.2012 21:08:59 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 13.06.2012 21:08:59 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 19669558
 
Error - 13.06.2012 21:08:59 | Computer Name = Tamara-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19669558
 
Error - 13.06.2012 21:09:00 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 13.06.2012 21:09:00 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 19670556
 
Error - 13.06.2012 21:09:00 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19670556
 
Error - 13.06.2012 21:09:01 | Computer Name = ***-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
[ System Events ]
Error - 11.08.2012 04:33:49 | Computer Name = ***-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 11.08.2012 04:34:06 | Computer Name = ***-VAIO | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Browser Schutz" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%2.
 
Error - 11.08.2012 04:38:09 | Computer Name = ***-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 11.08.2012 04:40:10 | Computer Name = ***-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 11.08.2012 04:41:12 | Computer Name = ***-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 11.08.2012 04:45:09 | Computer Name = ***-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 11.08.2012 05:03:14 | Computer Name = ***-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 11.08.2012 06:15:12 | Computer Name = ***-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 11.08.2012 08:08:30 | Computer Name = ***-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 11.08.2012 09:19:22 | Computer Name = ***-VAIO | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
         
--- --- ---






OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11.08.2012 15:24:43 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Gast\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 45,00% Memory free
7,84 Gb Paging File | 5,54 Gb Available in Paging File | 70,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,66 Gb Total Space | 335,64 Gb Free Space | 73,66% Space Free | Partition Type: NTFS
Drive G: | 12,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: TAMARA-VAIO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Gast\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.271\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\3DataManager\3DataManager.exe (WebToGo Mobile Internet GmbH)
PRC - C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
PRC - C:\Program Files (x86)\3DataManager\WTGService.exe ()
PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
PRC - C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (Hauppauge Computer Works)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\3DataManager\WTGSMSPCClient.Dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgCore.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgDriverInstall.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgBluetooth.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgDetection.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgDatabase.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgPorts.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgDialup.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgUtil.dll ()
MOD - C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
MOD - C:\Program Files (x86)\3DataManager\PhoenixUtil.dll ()
MOD - C:\Program Files (x86)\3DataManager\LiveBoxCM.dll ()
MOD - C:\Program Files (x86)\3DataManager\WTGDriverInstallX.Dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgWiFi.dll ()
MOD - C:\Program Files (x86)\3DataManager\WTGDebugs.dll ()
MOD - C:\Program Files (x86)\3DataManager\WTGXMLUtil.dll ()
MOD - C:\Program Files (x86)\3DataManager\WtgMobileBroadband7.dll ()
MOD - C:\PROGRA~2\WinTV\TVServer\HauppaugeTVServerps.dll ()
MOD - C:\Program Files (x86)\3DataManager\LIBEAY32.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vToolbarUpdater11.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.271\McCHSvc.exe (McAfee, Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (WTGService) -- C:\Program Files (x86)\3DataManager\WTGService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (HauppaugeTVServer) -- C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (Hauppauge Computer Works)
SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)
DRV:64bit: - (hcw95rc) -- C:\Windows\SysNative\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hcw95bda) -- C:\Windows\SysNative\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (DCamUSBET) -- C:\Windows\SysNative\drivers\etDevice64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (FiltUSBET) -- C:\Windows\SysNative\drivers\etFilter64.sys (eMPIA Technology Inc.)
DRV:64bit: - (ScanUSBET) -- C:\Windows\SysNative\drivers\etScan64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\SysWOW64\drivers\regi.sys (InterVideo)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1351351
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes,DefaultScope = {D31670CF-1952-43A1-8456-F73ECEFD4429}
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{115D34DF-E907-4B74-8D1C-0B5FCC17D246}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={16576C5A-EEFD-49BA-B36B-BFBFDBE1F661}&mid=94c4b2f6769a47d1a1e4d16df85384ef-d83bb3c6db8bd7b0263fd745038d2a08c1a7a290&lang=de&ds=tt015&pr=sa&d=2012-01-16 22:15:58&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{D31670CF-1952-43A1-8456-F73ECEFD4429}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_deAT370AT370
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{E35FD7E1-B077-49DA-AC73-0DE09F890416}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes,DefaultScope = {79209EFD-949B-4BD8-BE03-6BDAB0AD50C8}
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{475CDAC3-0566-433E-A524-8FD6546DBDFF}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{732A1105-6E6C-4D00-8F7C-D8BD51B5DC1F}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{79209EFD-949B-4BD8-BE03-6BDAB0AD50C8}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={16576C5A-EEFD-49BA-B36B-BFBFDBE1F661}&mid=94c4b2f6769a47d1a1e4d16df85384ef-d83bb3c6db8bd7b0263fd745038d2a08c1a7a290&lang=de&ds=tt015&pr=sa&d=2012-01-16 22:15:58&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.08.11 01:45:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.16 20:49:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.12.24 14:50:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.05.14 21:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions
[2012.02.10 19:25:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.16 23:16:11 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\avg@toolbar
[2012.07.16 20:50:15 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\toolbar@ask.com
[2012.05.14 21:16:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.16 20:49:43 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.16 20:49:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.11 15:34:03 | 000,003,769 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.07.16 20:49:39 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.16 20:49:39 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.16 20:49:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.16 20:49:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.16 20:49:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [etMonitor] C:\Windows\etMon.exe (EMPIA Technology Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\PROGRA~2\McAfee\MHN\McENUI.exe /hide File not found
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000..\Run: [WLanConn] C:\Users\***\AppData\Local\Microsoft\Windows\2222\WLanConn.exe ()
O4 - HKU\S-1-5-21-325514483-1365890552-4157495871-501..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E778A13-525C-422B-B8B2-74727DEC43B2}: NameServer = 213.94.78.17 213.94.78.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5849FE-886B-4D7C-AA0C-6E025BD39E5E}: DhcpNameServer = 213.94.78.16 213.94.78.17
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.06.16 18:14:06 | 000,000,057 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{9ed46077-358e-11e1-9360-0024beb76d1c}\Shell - "" = AutoRun
O33 - MountPoints2\{9ed46077-358e-11e1-9360-0024beb76d1c}\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()
O33 - MountPoints2\{b6978acf-4e38-11df-8053-506313e9e5ed}\Shell - "" = AutoRun
O33 - MountPoints2\{b6978acf-4e38-11df-8053-506313e9e5ed}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.10 12:09:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ElevatedDiagnostics
[2012.08.10 10:49:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\hellomoto
[2012.08.06 20:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.08.06 20:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.08.04 10:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.08.04 10:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.07.16 20:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.07.16 20:49:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.07.15 12:20:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Macromedia
[2012.07.14 13:02:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Watchtower
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.11 15:21:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.11 14:53:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.11 10:41:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.11 10:41:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.11 10:41:09 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.11 10:37:58 | 001,521,178 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.11 10:37:58 | 000,662,786 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.11 10:37:58 | 000,623,326 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.11 10:37:58 | 000,133,824 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.11 10:37:58 | 000,109,448 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.11 10:33:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.11 10:33:02 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.11 10:32:30 | 000,052,695 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2012.08.06 20:53:10 | 000,070,379 | ---- | M] () -- C:\Users\***\Desktop\guten-nacht-schrift-als-wandtattoo.jpg
[2012.08.06 20:44:33 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.08.04 11:21:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.04 11:21:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.25 21:56:00 | 000,046,412 | ---- | M] () -- C:\test.xml
[2012.07.15 17:40:00 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\HappyFoto-Designer.lnk
[2012.07.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.06 21:32:18 | 000,070,379 | ---- | C] () -- C:\Users\***\Desktop\guten-nacht-schrift-als-wandtattoo.jpg
[2012.08.06 20:44:33 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.08.06 20:44:33 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.15 17:40:00 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\HappyFoto-Designer.lnk
[2012.06.24 20:29:02 | 001,541,588 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.04 13:30:53 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvserv.dll
[2012.01.04 13:30:53 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvusb1.dll
[2012.01.04 13:30:53 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvhbn3.dll
[2012.01.04 13:30:53 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcomc.dll
[2012.01.04 13:30:53 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvpmui.dll
[2012.01.04 13:30:53 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvlmpm.dll
[2012.01.04 13:30:53 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcoms.exe
[2012.01.04 13:30:53 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcomm.dll
[2012.01.04 13:30:53 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbvutil.dll
[2012.01.04 13:30:53 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvinpa.dll
[2012.01.04 13:30:53 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbviesc.dll
[2012.01.04 13:30:53 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvih.exe
[2012.01.04 13:30:53 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcfg.exe
[2012.01.04 13:30:53 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBVinst.dll
[2012.01.04 13:30:53 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvppls.exe
[2012.01.04 13:30:53 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvprox.dll
[2012.01.04 13:30:53 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvpplc.dll
[2011.11.10 21:49:14 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2011.07.17 17:19:15 | 000,362,188 | ---- | C] () -- C:\Users\***\AppData\Roaming\mdbu.bin
[2010.03.25 17:18:01 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2010.03.13 18:23:03 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.13 14:50:45 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml

< End of report >
         
--- --- ---
__________________

Alt 11.08.2012, 15:23   #4
t'john
/// Helfer-Team
 
Danke, Republik Österreich ;-( - Standard

Danke, Republik Österreich ;-(



Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
ATTFilter
:OTL
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe () 
SRV - (vToolbarUpdater11.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe () 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.) 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes,DefaultScope = {D31670CF-1952-43A1-8456-F73ECEFD4429} 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{115D34DF-E907-4B74-8D1C-0B5FCC17D246}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={16576C5A-EEFD-49BA-B36B-BFBFDBE1F661}&mid=94c4b2f6769a47d1a1e4d16df85384ef-d83bb3c6db8bd7b0263fd745038d2a08c1a7a290&lang=de&ds=tt015&pr=sa&d=2012-01-16 22:15:58&v=8.0.0.34&sap=dsp&q={searchTerms} 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{D31670CF-1952-43A1-8456-F73ECEFD4429}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_deAT370AT370 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{E35FD7E1-B077-49DA-AC73-0DE09F890416}: "URL" = http://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes,DefaultScope = {79209EFD-949B-4BD8-BE03-6BDAB0AD50C8} 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{475CDAC3-0566-433E-A524-8FD6546DBDFF}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{732A1105-6E6C-4D00-8F7C-D8BD51B5DC1F}: "URL" = http://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{79209EFD-949B-4BD8-BE03-6BDAB0AD50C8}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={16576C5A-EEFD-49BA-B36B-BFBFDBE1F661}&mid=94c4b2f6769a47d1a1e4d16df85384ef-d83bb3c6db8bd7b0263fd745038d2a08c1a7a290&lang=de&ds=tt015&pr=sa&d=2012-01-16 22:15:58&v=11.1.0.12&sap=dsp&q={searchTerms} 
IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - user.js - File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.08.11 01:45:24 | 000,000,000 | ---D | M] 
[2012.01.16 23:16:11 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\avg@toolbar 
O3:64bit: - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) 
O3:64bit: - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) 
O4 - HKLM..\Run: [] File not found 
O4 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000..\Run: [WLanConn] C:\Users\***\AppData\Local\Microsoft\Windows\2222\WLanConn.exe () 
O4 - HKU\S-1-5-21-325514483-1365890552-4157495871-501..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run File not found 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found 
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found 
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) 
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) 
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () - G:\Autorun.exe -- [ CDFS ] 
O32 - AutoRun File - [2008.06.16 18:14:06 | 000,000,057 | R--- | M] () - G:\Autorun.inf -- [ CDFS ] 
O33 - MountPoints2\{9ed46077-358e-11e1-9360-0024beb76d1c}\Shell - "" = AutoRun 
O33 - MountPoints2\{9ed46077-358e-11e1-9360-0024beb76d1c}\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () 
O33 - MountPoints2\{b6978acf-4e38-11df-8053-506313e9e5ed}\Shell - "" = AutoRun 
O33 - MountPoints2\{b6978acf-4e38-11df-8053-506313e9e5ed}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () 
O33 - MountPoints2\G\Shell - "" = AutoRun 
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () 
 
 
[2012.08.10 10:49:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\hellomoto 


[2012.07.16 20:50:15 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\toolbar@ask.com 
[2012.08.11 15:21:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job 
[2012.08.11 14:53:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job 
[2012.08.11 10:41:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 
[2012.08.11 10:41:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 
[2012.08.11 10:41:09 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job 
[2012.07.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job 

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________
Mfg, t'john
Das TB unterstützen

Alt 11.08.2012, 15:42   #5
Steirerbluat
 
Danke, Republik Österreich ;-( - Standard

Danke, Republik Österreich ;-(



Error: Unable to interpret <OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11.08.2012 15:24:43 - Run 1> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Gast\Desktop> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <3,92 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 45,00% Memory free> in the current context!
Error: Unable to interpret <7,84 Gb Paging File | 5,54 Gb Available in Paging File | 70,70% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 455,66 Gb Total Space | 335,64 Gb Free Space | 73,66% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive G: | 12,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: TAMARA-VAIO | User Name: Tamara | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - C:\Users\Gast\Desktop\OTL.exe (OldTimer Tools)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe (Adobe Systems, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.271\SSScheduler.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\3DataManager\3DataManager.exe (WebToGo Mobile Internet GmbH)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\3DataManager\WTGService.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (Hauppauge Computer Works)> in the current context!
Error: Unable to interpret <PRC - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <PRC - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WTGSMSPCClient.Dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgCore.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgDriverInstall.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgBluetooth.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgDetection.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgDatabase.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgPorts.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgDialup.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgUtil.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\PhoenixUtil.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\LiveBoxCM.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WTGDriverInstallX.Dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgWiFi.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WTGDebugs.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WTGXMLUtil.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\WtgMobileBroadband7.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\PROGRA~2\WinTV\TVServer\HauppaugeTVServerps.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\3DataManager\LIBEAY32.dll ()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)> in the current context!
Error: Unable to interpret <SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)> in the current context!
Error: Unable to interpret <SRV - (vToolbarUpdater11.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()> in the current context!
Error: Unable to interpret <SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)> in the current context!
Error: Unable to interpret <SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.271\McCHSvc.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)> in the current context!
Error: Unable to interpret <SRV - (WTGService) -- C:\Program Files (x86)\3DataManager\WTGService.exe ()> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)> in the current context!
Error: Unable to interpret <SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)> in the current context!
Error: Unable to interpret <SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)> in the current context!
Error: Unable to interpret <SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)> in the current context!
Error: Unable to interpret <SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)> in the current context!
Error: Unable to interpret <SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)> in the current context!
Error: Unable to interpret <SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (HauppaugeTVServer) -- C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (Hauppauge Computer Works)> in the current context!
Error: Unable to interpret <SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)> in the current context!
Error: Unable to interpret <SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)> in the current context!
Error: Unable to interpret <SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)> in the current context!
Error: Unable to interpret <SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)> in the current context!
Error: Unable to interpret <DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)> in the current context!
Error: Unable to interpret <DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)> in the current context!
Error: Unable to interpret <DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)> in the current context!
Error: Unable to interpret <DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)> in the current context!
Error: Unable to interpret <DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (hcw95rc) -- C:\Windows\SysNative\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (hcw95bda) -- C:\Windows\SysNative\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (DCamUSBET) -- C:\Windows\SysNative\drivers\etDevice64.sys (eMPIA Technology, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (FiltUSBET) -- C:\Windows\SysNative\drivers\etFilter64.sys (eMPIA Technology Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ScanUSBET) -- C:\Windows\SysNative\drivers\etScan64.sys (eMPIA Technology, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)> in the current context!
Error: Unable to interpret <DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)> in the current context!
Error: Unable to interpret <DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV - (regi) -- C:\Windows\SysWOW64\drivers\regi.sys (InterVideo)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1351351> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes,DefaultScope = {D31670CF-1952-43A1-8456-F73ECEFD4429}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{115D34DF-E907-4B74-8D1C-0B5FCC17D246}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={16576C5A-EEFD-49BA-B36B-BFBFDBE1F661}&mid=94c4b2f6769a47d1a1e4d16df85384ef-d83bb3c6db8bd7b0263fd745038d2a08c1a7a290&lang=de&ds=tt015&pr=sa&d=2012-01-16 22:15:58&v=8.0.0.34&sap=dsp&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{D31670CF-1952-43A1-8456-F73ECEFD4429}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_deAT370AT370> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\SearchScopes\{E35FD7E1-B077-49DA-AC73-0DE09F890416}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes,DefaultScope = {79209EFD-949B-4BD8-BE03-6BDAB0AD50C8}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{475CDAC3-0566-433E-A524-8FD6546DBDFF}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{732A1105-6E6C-4D00-8F7C-D8BD51B5DC1F}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{79209EFD-949B-4BD8-BE03-6BDAB0AD50C8}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={16576C5A-EEFD-49BA-B36B-BFBFDBE1F661}&mid=94c4b2f6769a47d1a1e4d16df85384ef-d83bb3c6db8bd7b0263fd745038d2a08c1a7a290&lang=de&ds=tt015&pr=sa&d=2012-01-16 22:15:58&v=11.1.0.12&sap=dsp&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-325514483-1365890552-4157495871-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.08.11 01:45:24 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.16 20:49:43 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.12.24 14:50:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2012.05.14 21:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions> in the current context!
Error: Unable to interpret <[2012.02.10 19:25:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context!
Error: Unable to interpret <[2012.01.16 23:16:11 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\avg@toolbar> in the current context!
Error: Unable to interpret <[2012.07.16 20:50:15 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\4vebdmbk.default\extensions\toolbar@ask.com> in the current context!
Error: Unable to interpret <[2012.05.14 21:16:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:43 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2012.07.11 15:34:03 | 000,003,769 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:39 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:39 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)> in the current context!
Error: Unable to interpret <O3:64bit: - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)> in the current context!
Error: Unable to interpret <O3:64bit: - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-325514483-1365890552-4157495871-501\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [etMonitor] C:\Windows\etMon.exe (EMPIA Technology Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: []  File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [McENUI] C:\PROGRA~2\McAfee\MHN\McENUI.exe /hide File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-325514483-1365890552-4157495871-1000..\Run: [WLanConn] C:\Users\***\AppData\Local\Microsoft\Windows\2222\WLanConn.exe ()> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-325514483-1365890552-4157495871-501..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()> in the current context!
Error: Unable to interpret <O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()> in the current context!
Error: Unable to interpret <O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)> in the current context!
Error: Unable to interpret <O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)> in the current context!
Error: Unable to interpret <O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)> in the current context!
Error: Unable to interpret <O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E778A13-525C-422B-B8B2-74727DEC43B2}: NameServer = 213.94.78.17 213.94.78.16> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: DhcpNameServer = 10.0.0.138> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5849FE-886B-4D7C-AA0C-6E025BD39E5E}: DhcpNameServer = 213.94.78.16 213.94.78.17> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-help - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2008.06.16 14:22:04 | 000,021,960 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2008.06.16 18:14:06 | 000,000,057 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{9ed46077-358e-11e1-9360-0024beb76d1c}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{9ed46077-358e-11e1-9360-0024beb76d1c}\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{b6978acf-4e38-11df-8053-506313e9e5ed}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{b6978acf-4e38-11df-8053-506313e9e5ed}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()> in the current context!
Error: Unable to interpret <O33 - MountPoints2\G\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Autorun.exe -- [2008.06.16 14:22:04 | 000,021,960 | R--- | M] ()> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.08.10 12:09:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ElevatedDiagnostics> in the current context!
Error: Unable to interpret <[2012.08.10 10:49:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\hellomoto> in the current context!
Error: Unable to interpret <[2012.08.06 20:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe> in the current context!
Error: Unable to interpret <[2012.08.06 20:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe> in the current context!
Error: Unable to interpret <[2012.08.04 10:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip> in the current context!
Error: Unable to interpret <[2012.08.04 10:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla> in the current context!
Error: Unable to interpret <[2012.07.16 20:49:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service> in the current context!
Error: Unable to interpret <[2012.07.15 12:20:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Macromedia> in the current context!
Error: Unable to interpret <[2012.07.14 13:02:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Watchtower> in the current context!
Error: Unable to interpret <[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.08.11 15:21:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2012.08.11 14:53:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2012.08.11 10:41:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.08.11 10:41:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.08.11 10:41:09 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2012.08.11 10:37:58 | 001,521,178 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2012.08.11 10:37:58 | 000,662,786 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat> in the current context!
Error: Unable to interpret <[2012.08.11 10:37:58 | 000,623,326 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat> in the current context!
Error: Unable to interpret <[2012.08.11 10:37:58 | 000,133,824 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat> in the current context!
Error: Unable to interpret <[2012.08.11 10:37:58 | 000,109,448 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat> in the current context!
Error: Unable to interpret <[2012.08.11 10:33:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012.08.11 10:33:02 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2012.08.11 10:32:30 | 000,052,695 | ---- | M] () -- C:\Windows\SysNative\Config.MPF> in the current context!
Error: Unable to interpret <[2012.08.06 20:53:10 | 000,070,379 | ---- | M] () -- C:\Users\***\Desktop\guten-nacht-schrift-als-wandtattoo.jpg> in the current context!
Error: Unable to interpret <[2012.08.06 20:44:33 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk> in the current context!
Error: Unable to interpret <[2012.08.04 11:21:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe> in the current context!
Error: Unable to interpret <[2012.08.04 11:21:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl> in the current context!
Error: Unable to interpret <[2012.07.25 21:56:00 | 000,046,412 | ---- | M] () -- C:\test.xml> in the current context!
Error: Unable to interpret <[2012.07.15 17:40:00 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\HappyFoto-Designer.lnk> in the current context!
Error: Unable to interpret <[2012.07.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job> in the current context!
Error: Unable to interpret <[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.08.06 21:32:18 | 000,070,379 | ---- | C] () -- C:\Users\***\Desktop\guten-nacht-schrift-als-wandtattoo.jpg> in the current context!
Error: Unable to interpret <[2012.08.06 20:44:33 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk> in the current context!
Error: Unable to interpret <[2012.08.06 20:44:33 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk> in the current context!
Error: Unable to interpret <[2012.07.15 17:40:00 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\HappyFoto-Designer.lnk> in the current context!
Error: Unable to interpret <[2012.06.24 20:29:02 | 001,541,588 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvserv.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvusb1.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvhbn3.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcomc.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvpmui.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvlmpm.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcoms.exe> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcomm.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbvutil.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvinpa.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbviesc.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvih.exe> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvcfg.exe> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBVinst.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvppls.exe> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvprox.dll> in the current context!
Error: Unable to interpret <[2012.01.04 13:30:53 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbvpplc.dll> in the current context!
Error: Unable to interpret <[2011.11.10 21:49:14 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db> in the current context!
Error: Unable to interpret <[2011.07.17 17:19:15 | 000,362,188 | ---- | C] () -- C:\Users\***\AppData\Roaming\mdbu.bin> in the current context!
Error: Unable to interpret <[2010.03.25 17:18:01 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat> in the current context!
Error: Unable to interpret <[2010.03.13 18:23:03 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys> in the current context!
Error: Unable to interpret <[2010.03.13 14:50:45 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml> in the current context!
Error: Unable to interpret << End of report >
         
--- --- ---
> in the current context!

OTL by OldTimer - Version 3.2.56.0 log created on 08112012_163847


Alt 11.08.2012, 16:51   #6
t'john
/// Helfer-Team
 
Danke, Republik Österreich ;-( - Standard

Danke, Republik Österreich ;-(



Falsch, du musst den FIX reinkopieren!

Nochmal!
__________________
--> Danke, Republik Österreich ;-(

Alt 09.09.2012, 02:40   #7
t'john
/// Helfer-Team
 
Danke, Republik Österreich ;-( - Standard

Danke, Republik Österreich ;-(



Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu Danke, Republik Österreich ;-(
besser, beste, besten, ccleaner, downloaden, eingabeaufforderung, erwischt, folge, forum, google, heute, infizierte, internet, leute, malwarebytes, modus, neu, nicht mehr, nicht öffnen, nichts, online, regedit, software, stick, windows, öffnen



Ähnliche Themen: Danke, Republik Österreich ;-(


  1. BKA TROJANER: Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 17.10.2012 (3)
  2. Trojaner; Die Benützung des Cumputers wurde durch die Republik Österreich blockiert....
    Plagegeister aller Art und deren Bekämpfung - 27.09.2012 (2)
  3. BKA TROJANER _ Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 26.09.2012 (2)
  4. Der Computer ist für die Verletzung der Gesetze der Republik Österreich gesperrt worden
    Log-Analyse und Auswertung - 20.09.2012 (6)
  5. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 19.09.2012 (3)
  6. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 15.09.2012 (20)
  7. BKA Trojaner? - der computer ist für die verletzung der gesetze der republik österreich gesperrt
    Plagegeister aller Art und deren Bekämpfung - 11.09.2012 (15)
  8. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 09.09.2012 (10)
  9. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 09.09.2012 (2)
  10. Trojaner Republik Österreich sperrt den Computer - 100€ Zahlungsforderung
    Log-Analyse und Auswertung - 06.09.2012 (5)
  11. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 23.08.2012 (3)
  12. Verletzung der Gesetze der Republik Österreich
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (2)
  13. Bitte um rasche Hilfe: Das Betriebssystem wurde im Zusammenhang mit Verstoß gegen die Gesetze der Republik Österreich gesperrt...
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (15)
  14. Der Computer ist für die Verletzung der Gesetze der Republik Österreich gesperrt worden.
    Log-Analyse und Auswertung - 14.08.2012 (11)
  15. Der Computer ist für die Verletzung der Gesetze der Republik Österreich gesperrt worden.
    Log-Analyse und Auswertung - 11.08.2012 (2)
  16. der computer ist für die verletzung der gesetze der republik österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 07.08.2012 (6)
  17. Verschlüsselungstrojaner Österreich Version "Der Computer ist (...)Republik Österreich blockiert"
    Plagegeister aller Art und deren Bekämpfung - 01.08.2012 (3)

Zum Thema Danke, Republik Österreich ;-( - Hallo Leute! War leider oder besser gesagt Gott sei Dank einige Monate nicht mehr online! Heute Vormittag hat's mich jedoch seit Monaten erwischt! Und zwar - Bundespolizeitrojaner der Republik Österreich! - Danke, Republik Österreich ;-(...
Archiv
Du betrachtest: Danke, Republik Österreich ;-( auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.