Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 29.03.2013, 16:33   #1
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Hallo,

ich habe ein Problem mit dem Internet Explorer 9 (Betriebssystem Win 7 64), wenn ich auf eine bestimmte Seite (www.chatcity.de) gehe: Bei ca. einem von drei Versuchen werde ich auf eine völlig andere Seite weitergeleitet, meistens auf irgendeine laufende Ebay-Auktion. Dabei ist kurzzeitig ein anderer Link in der Adresse zu sehen: hxxp://www.pricerunner.de/track/scripts/transition.php?bt= ...

Interessanterweise habe ich die Probleme nur bei dieser einen Seite und die Weiterleitung erfolgt auch nicht bei jedem Aufruf.

Kann mir jemand weiterhelfen? Der AdwCleaner liefert aktuell keinen auffälligen Fund mehr ...

Viele Grüße & Danke im voraus ...

Alt 30.03.2013, 07:10   #2
t'john
/// Helfer-Team
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


dann:

Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 30.03.2013, 16:39   #3
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Hallo t'john,

danke für die schnelle Antwort.

Hier die gewünschten Logs:

------------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.03.30.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Silberfuchs :: SPIRIT_OF_YALE [administrator]

30.03.2013 16:25:02
mbar-log-2013-03-30 (16-25-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31765
Time elapsed: 10 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

------------------------------------------OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.03.2013 17:14:37 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Silberfuchs\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,19 Gb Available Physical Memory | 65,02% Memory free
15,96 Gb Paging File | 12,96 Gb Available in Paging File | 81,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1850,15 Gb Total Space | 1625,78 Gb Free Space | 87,87% Space Free | Partition Type: NTFS
Drive J: | 931,28 Gb Total Space | 328,40 Gb Free Space | 35,26% Space Free | Partition Type: FAT32
 
Computer Name: SPIRIT_OF_YALE | User Name: Silberfuchs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Silberfuchs\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\iRacing\iRacingService.exe (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - c:\program files (x86)\real\realplayer\update\RealOneMessageCenter.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\Receiver\Receiver.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
PRC - C:\WINDOWS\SysWOW64\ASGT.exe ()
PRC - C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe (Corel, Inc.)
PRC - C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
PRC - C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\MediaCataloger.exe (Corel, Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CObjExt.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\WWH4API.dll ()
MOD - C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PsiClient.dll ()
MOD - C:\WINDOWS\SysWOW64\APOMngr.DLL ()
MOD - C:\WINDOWS\SysWOW64\CmdRtr.DLL ()
MOD - C:\WINDOWS\SysWOW64\OemSpiE.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu ()
MOD - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.DEU ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (MASeuupCleaner) -- C:\WINDOWS\SysNative\FXSCPMEX.exe ()
SRV:64bit: - (HPSIService) -- C:\WINDOWS\SysNative\HPSIsvc.exe (HP)
SRV:64bit: - (AMD External Events Utility) -- C:\WINDOWS\SysNative\atiesrxx.exe (AMD)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (iRacingService) -- C:\Program Files (x86)\iRacing\iRacingService.exe (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (ASGT) -- C:\WINDOWS\SysWOW64\ASGT.exe ()
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (CLKMSVC10_9EC60124) -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe (CyberLink)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\WINDOWS\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\WINDOWS\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\WINDOWS\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (NVHDA) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ssudmdm) -- C:\WINDOWS\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\WINDOWS\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ctxusbm) -- C:\WINDOWS\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\WINDOWS\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\WINDOWS\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\WINDOWS\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) -- C:\WINDOWS\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (PxHlpa64) -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Impcd) -- C:\WINDOWS\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\WINDOWS\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdkmdag) -- C:\WINDOWS\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (t3) -- C:\WINDOWS\SysNative\drivers\t3.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\WINDOWS\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\WINDOWS\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FWLANUSB) -- C:\WINDOWS\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\WINDOWS\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:64bit: - (WimFltr) -- C:\WINDOWS\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV - (WIMMount) -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///C:/ZZZZZ/Startseite.htm
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes,DefaultScope = {D70DDA23-9F7B-431F-BD31-E9BAB061F8D4}
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{72E711B8-F384-493F-A1BE-1AEAC380BD09}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{84B8DBDE-1B58-4F95-99A8-53E4515511E0}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{88D23964-4E80-4026-81E3-1CF8DDD9C755}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{9290ABAB-8357-454A-AF21-F3AF24C4C031}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{D0F82CDA-B836-4DED-89F1-ED1B2C96AA74}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{D70DDA23-9F7B-431F-BD31-E9BAB061F8D4}: "URL" = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26616D703B736F7572636569643D69653726616D703B726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263657D26616D703B69653D7B696E707574456E636F64696E673F7D266F653D7B6F7574707574456E636F64696E673F7D&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&k=0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{F1342FA3-538D-435E-A0DF-E4CD01D1689F}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=199.217.115.142:3128
 
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1003\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "file:///C:/ZZZZZ/Startseite.htm"
FF - prefs.js..extensions.enabledAddons: firejump%40firejump.net:1.0.2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.02 18:52:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.24 12:12:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.19 18:42:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.19 18:42:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.08.03 17:23:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silberfuchs\AppData\Roaming\mozilla\Extensions
[2013.03.29 11:44:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silberfuchs\AppData\Roaming\mozilla\Firefox\Profiles\rrs5n319.default\extensions
[2013.02.20 17:45:56 | 000,002,188 | ---- | M] () -- C:\Users\Silberfuchs\AppData\Roaming\mozilla\firefox\profiles\rrs5n319.default\searchplugins\{07E5CA57-08BC-4A02-9392-BC23F29B01E5}.xml
[2013.02.20 17:45:56 | 000,001,870 | ---- | M] () -- C:\Users\Silberfuchs\AppData\Roaming\mozilla\firefox\profiles\rrs5n319.default\searchplugins\{C2EECD5B-49C8-45A8-8180-83CBB301320D}.xml
[2013.02.20 17:45:56 | 000,002,077 | ---- | M] () -- C:\Users\Silberfuchs\AppData\Roaming\mozilla\firefox\profiles\rrs5n319.default\searchplugins\{FE1AB15F-9F55-47EA-9233-DE495C8BB87C}.xml
[2013.03.19 18:42:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.19 18:42:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.03.19 18:42:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\SILBERFUCHS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RRS5N319.DEFAULT\EXTENSIONS\FIREJUMP@FIREJUMP.NET
[2013.03.19 18:42:05 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.20 17:45:56 | 000,001,684 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.20 17:45:56 | 000,001,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.20 17:45:56 | 000,001,271 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.20 17:45:56 | 000,001,382 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2013.02.20 17:45:56 | 000,007,051 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.20 17:45:56 | 000,001,278 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.20 17:45:56 | 000,001,170 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Silberfuchs\AppData\Roaming\OCS\SM\SearchAnonymizer.exe File not found
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe File not found
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [SPIRunE] C:\Windows\SysWow64\SpiRunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [Standby] C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [CTRegRun] C:\WINDOWS\Ctregrun.exe (Creative Technology Ltd )
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\WINDOWS\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\WINDOWS\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\WINDOWS\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\WINDOWS\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\WINDOWS\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\WINDOWS\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0486D660-C159-4DD3-B293-D201A8AA937D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33FBABDD-56EA-4923-9D77-6DF59EC4B5A1}: DhcpNameServer = 10.72.0.72 10.72.0.73
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1db512c4-db53-11e1-8b5c-782bcb8ec268}\Shell - "" = AutoRun
O33 - MountPoints2\{1db512c4-db53-11e1-8b5c-782bcb8ec268}\Shell\AutoRun\command - "" = I:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.30 16:26:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Silberfuchs\Desktop\OTL.exe
[2013.03.30 16:13:03 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\Desktop\mbar
[2013.03.30 13:26:27 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{2F0D3E86-8274-4645-BA18-D94F8BDCB2F6}
[2013.03.29 10:53:26 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{AA2B3E18-543F-4E25-BB42-493264EAB1FC}
[2013.03.28 22:52:50 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{C35688DD-E011-4260-BCE5-65BD210E2072}
[2013.03.28 19:50:04 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 19:50:04 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 19:50:04 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.28 10:52:26 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{D52C3BF8-DCF7-46F4-8389-90D92D3A56CC}
[2013.03.27 18:22:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.03.27 18:22:07 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.27 18:22:04 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.27 18:22:04 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.27 18:22:04 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.27 17:49:04 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{371AE4B0-E45F-4913-9125-842A90350BBF}
[2013.03.26 18:02:49 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{F133D001-3DA8-4F3A-80BF-865FE8553612}
[2013.03.25 20:08:28 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.25 20:08:28 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.25 20:08:28 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.25 20:08:28 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.25 20:08:28 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.25 20:08:28 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.25 20:08:28 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.25 20:08:28 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.25 20:08:28 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.25 20:08:28 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.25 20:08:28 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.25 20:08:28 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.25 20:08:28 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll
[2013.03.25 20:08:28 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll
[2013.03.25 20:08:28 | 000,968,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.03.25 20:08:28 | 000,420,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013.03.25 20:08:28 | 000,364,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013.03.25 20:08:28 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.03.25 20:08:28 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.03.25 17:28:18 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{D85947DD-8CB0-4AAC-9FE4-2C2443BB09BB}
[2013.03.24 20:01:19 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\Documents\1C SoftClub
[2013.03.24 19:50:17 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.03.24 19:50:17 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.03.24 19:50:15 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.03.24 19:50:14 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.03.24 19:50:14 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.03.24 19:50:06 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.03.24 19:50:06 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.03.24 19:50:06 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.03.24 19:50:06 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.03.24 19:50:05 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.03.24 19:50:05 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.03.24 19:50:00 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.03.24 19:50:00 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.03.24 11:00:46 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{4E861D3A-A9EE-4360-BD0F-849C81AF6FED}
[2013.03.23 11:51:30 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{FF653699-3DFD-4BF4-9AB9-08D5EC9024AD}
[2013.03.22 13:35:20 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{49377EF7-BEDF-4E13-BCA3-155D3C24AFFB}
[2013.03.21 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{93F3ACA5-B11C-4D4C-A21D-2F69150422D6}
[2013.03.20 22:02:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.20 18:12:59 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{9859F975-FCF0-4CE7-9A0D-8BC431DCE222}
[2013.03.20 18:05:02 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.03.19 18:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.19 18:25:48 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{ECB15B7F-A99B-48BB-A9FE-6D3F98AFD625}
[2013.03.18 18:42:02 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{915BC5C6-80B3-4970-8147-2BE430E840BF}
[2013.03.17 17:23:29 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{42AE53D6-55D6-4CE7-A90B-92208A397AD4}
[2013.03.16 14:10:47 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{3456D916-C751-4F0A-9E3A-0328DFCF08F1}
[2013.03.15 11:02:34 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{C3A21F68-0339-4C44-8A93-DD9F14305E7D}
[2013.03.14 22:07:52 | 000,559,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.03.14 10:20:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.14 10:20:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.14 10:20:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.14 10:20:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.14 10:20:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.14 10:20:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.14 10:20:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.14 10:20:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.14 10:20:26 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.14 10:20:26 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.14 10:20:26 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.14 10:20:26 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.14 10:20:26 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.14 10:20:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.14 10:20:25 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.14 10:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.14 10:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.14 10:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.14 09:37:32 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{929F30A5-9F74-495D-B4CA-647CBB6FE777}
[2013.03.13 18:22:49 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{1091EA87-D335-4862-8EA9-4BED8A2D0683}
[2013.03.12 13:36:07 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Roaming\NVIDIA
[2013.03.12 10:33:13 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{E59EE1AA-0AF2-4855-8327-288F4ADB22CA}
[2013.03.11 18:43:43 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{83322D16-0286-4414-A6B7-27C3C283AB2B}
[2013.03.10 14:30:38 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{FE7F87C3-15C5-4717-AA1A-BCD9E5BB9757}
[2013.03.09 15:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.03.09 15:31:18 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.09 15:31:18 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.03.09 15:31:18 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.03.09 15:31:18 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.03.09 15:31:18 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.03.09 15:30:44 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.03.09 15:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.03.09 15:08:08 | 000,023,680 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\IOMap64.sys
[2013.03.09 15:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2013.03.09 15:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2013.03.09 15:05:48 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
[2013.03.09 15:05:27 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013.03.09 15:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.03.09 15:04:20 | 006,398,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.03.09 15:04:20 | 003,477,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.03.09 15:04:20 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.03.09 15:04:20 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.03.09 15:04:20 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.03.09 15:04:09 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.03.09 15:04:09 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.03.09 15:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.03.09 15:04:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.03.09 15:03:56 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2013.03.09 15:03:56 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2013.03.09 15:02:48 | 015,042,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.03.09 15:02:42 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.09 15:02:34 | 015,508,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.03.09 15:02:21 | 001,118,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.03.09 15:02:19 | 002,864,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.03.09 15:02:19 | 002,539,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.03.09 15:00:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.03.09 13:25:13 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{8FC29D0B-C4AF-40D8-B166-280301952344}
[2013.03.08 10:12:59 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{32A7F27B-F1DE-44EF-991F-D92AEB13E54A}
[2013.03.07 22:12:24 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{E5A86B08-108F-4E6E-8A21-CC6D0C44E20E}
[2013.03.07 12:19:32 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.03.07 10:11:48 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{847B806B-FBEB-4128-9748-43ACF4B20B88}
[2013.03.06 22:11:14 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{9DBF3436-A470-4C77-90BD-46C7D5FBE14A}
[2013.03.06 10:10:49 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{356842A9-5662-4F72-A9F2-C563F43BEEB5}
[2013.03.05 12:00:24 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{F5FC7737-7628-4B74-9955-CB2337E2EB73}
[2013.03.04 10:31:47 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{8D690A5B-BB55-4FA1-B998-8F7D0728C84C}
[2013.03.03 18:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.03 18:08:38 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.03 18:08:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.03 18:08:28 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\Programs
[2013.03.03 11:52:25 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{4682C245-1E74-4D82-B71E-B91380621626}
[2013.03.02 13:26:41 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{070B1D2B-DC77-4E8C-8FF4-5E3AB40A4F5F}
[2013.03.01 10:14:54 | 000,000,000 | ---D | C] -- C:\Users\Silberfuchs\AppData\Local\{B7B67D2C-0C67-4D1E-9345-655849EDF7F9}
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.30 16:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.30 16:33:04 | 000,020,480 | ---- | M] () -- C:\Users\Silberfuchs\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.30 16:26:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silberfuchs\Desktop\OTL.exe
[2013.03.30 16:13:20 | 000,003,766 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2013.03.30 14:01:46 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.03.30 13:16:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.30 13:16:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.30 13:08:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.30 13:08:14 | 2133,647,359 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.29 11:42:43 | 000,609,993 | ---- | M] () -- C:\Users\Silberfuchs\Desktop\AdwCleaner2115.exe
[2013.03.28 19:49:57 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 19:49:57 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 19:49:57 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.27 18:22:00 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.03.27 18:22:00 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.03.27 18:22:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.27 18:22:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.27 18:22:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.27 18:22:00 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.24 19:51:59 | 001,548,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.24 19:51:59 | 000,664,626 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.24 19:51:59 | 000,624,808 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.24 19:51:59 | 000,134,794 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.24 19:51:59 | 000,110,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.22 19:37:45 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013.03.20 18:05:01 | 387,627,801 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.18 23:53:59 | 000,119,808 | ---- | M] () -- C:\Windows\SysNative\GFilterSvc.exe
[2013.03.15 06:53:06 | 026,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.15 06:53:06 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.15 06:53:06 | 020,542,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.15 06:53:06 | 017,990,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.15 06:53:06 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.15 06:53:06 | 015,508,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.03.15 06:53:06 | 015,042,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.03.15 06:53:06 | 013,088,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.15 06:53:06 | 009,414,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.15 06:53:06 | 007,959,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.15 06:53:06 | 007,573,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.15 06:53:06 | 006,271,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.15 06:53:06 | 002,913,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.15 06:53:06 | 002,864,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.03.15 06:53:06 | 002,728,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.15 06:53:06 | 002,539,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.03.15 06:53:06 | 002,355,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.15 06:53:06 | 001,995,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.15 06:53:06 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll
[2013.03.15 06:53:06 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll
[2013.03.15 06:53:06 | 001,118,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.03.15 06:53:06 | 000,968,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.03.15 06:53:06 | 000,420,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013.03.15 06:53:06 | 000,364,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013.03.15 06:53:06 | 000,250,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.03.15 06:53:06 | 000,205,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.03.15 06:53:06 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.03.15 05:16:18 | 003,477,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.03.15 05:16:17 | 006,398,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.03.15 05:16:10 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.03.15 05:16:10 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.03.15 05:16:10 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.03.14 22:07:52 | 000,559,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.03.13 17:58:20 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 17:58:20 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.13 17:24:01 | 003,065,455 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.03.12 13:36:07 | 000,000,022 | ---- | M] () -- C:\Windows\GPU-Z.INI
[2013.03.03 18:08:39 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.29 11:42:40 | 000,609,993 | ---- | C] () -- C:\Users\Silberfuchs\Desktop\AdwCleaner2115.exe
[2013.03.20 18:05:01 | 387,627,801 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.03.09 15:37:36 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2013.03.09 15:15:44 | 000,015,168 | ---- | C] () -- C:\Windows\SysNative\drivers\nvflash.sys
[2013.03.09 15:04:20 | 003,065,455 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.03.09 15:03:56 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.03.03 18:08:39 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.20 17:46:03 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2013.01.13 00:48:59 | 000,000,099 | ---- | C] () -- C:\Users\Silberfuchs\AppData\Local\fusioncache.dat
[2013.01.13 00:48:22 | 001,553,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.05 18:35:12 | 000,004,306 | ---- | C] () -- C:\Windows\jtxqtm-q32.ini
[2012.08.03 16:42:23 | 000,020,480 | ---- | C] () -- C:\Users\Silberfuchs\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.03 16:41:53 | 000,003,766 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.08.03 16:41:53 | 000,000,008 | RHS- | C] () -- C:\ProgramData\A7150A47DA.sys
[2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.01.17 11:24:10 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\ASGT.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---

------------------------------------------
__________________

Alt 30.03.2013, 16:41   #4
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Das letzte Log (Posting wurde sonst zu lang):
---------------OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 30.03.2013 17:14:37 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Silberfuchs\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,19 Gb Available Physical Memory | 65,02% Memory free
15,96 Gb Paging File | 12,96 Gb Available in Paging File | 81,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1850,15 Gb Total Space | 1625,78 Gb Free Space | 87,87% Space Free | Partition Type: NTFS
Drive J: | 931,28 Gb Total Space | 328,40 Gb Free Space | 35,26% Space Free | Partition Type: FAT32
 
Computer Name: SPIRIT_OF_YALE | User Name: Silberfuchs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mit Corel PaintShop Photo Pro X3 durchsuchen] -- "C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mit Corel PaintShop Photo Pro X3 durchsuchen] -- "C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{392E49FD-E62B-4684-B4F4-A71C4A32BA6B}" = lport=9100 | protocol=6 | dir=in | name=advanced tcp/ip printer port | 
"{64ABA96C-690B-48ED-8F61-964695C3195B}" = lport=427 | protocol=6 | dir=in | name=advanced tcp/ip slp port | 
"{8FA9E2A4-3E46-438E-989E-5D3C620F83CC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{AA36042C-6057-4F55-930E-8276114650C3}" = lport=161 | protocol=6 | dir=in | name=advanced tcp/ip snmp port | 
"{B94BD270-6964-4591-98E8-CA43F93EFFAB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05135DAF-FE20-418D-BB9E-80592678313C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gt legends\sudo.exe | 
"{074EB7E6-F4BA-4193-8E7A-BF460190CAFF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{0ACB293D-1222-4ECC-904C-1492E3D7AB49}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 
"{10215ABB-1B72-4379-8892-6C10F65C1769}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{12C81D15-F43D-4DAA-A83E-095E59B76CD1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dear esther\dearesther.exe | 
"{13E05086-F8A2-4CDD-8C37-436BB09C0C56}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{153B6ED9-76EE-4534-8373-D96422ADFA1F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{15AA37C9-2DFA-468A-A915-30CB8F9EEF1F}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | 
"{15CEF671-59F3-4120-BA41-ED11FDF2FCE7}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe | 
"{181B5B19-575B-42A3-82A7-84CB7726BDC5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe | 
"{20A3059B-218E-44C6-985F-AEB271BF95A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{2A570D5D-2346-467B-B340-5FE2CF1B009E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{302B0D8F-D32B-4B5E-B9B7-0411DD9CC42C}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{30B4F6EA-A092-440E-ABF8-B29D84D790B3}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{37D2CCF6-1F60-4658-AF81-210C2641E83B}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{394658D9-28E4-4CF6-9439-C0767C670344}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe | 
"{3A76559D-5BFE-462C-88F2-146AF3601403}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | 
"{3D93D2DE-B461-49AB-A96F-50D6B25FEAAD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{414909DC-CE10-4064-B997-F514A2BBDEF2}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | 
"{4D8725B3-52AF-4AD8-9374-502ACB960FB2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{55FE438C-6196-4236-A28A-B6B74F26289B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\final hours of tomb raider\the final hours of tomb raider.exe | 
"{568F270E-5C89-452C-B97E-8FE52275A2EB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{58842C83-78AF-4B3D-AA15-2F08E640C9BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{5995FE0A-739C-4652-8D74-936A71754A3C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider\tombraider.exe | 
"{59E9241C-CACF-4DC8-9F86-3171184240EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dear esther\dearesther.exe | 
"{5AF9823F-61A7-4F60-AAF6-B936385EDA08}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{5FCB568B-595E-4F5A-8EBA-4FAC0B8DCF3B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{680A5222-5BA3-4226-8CBA-E3C012DA785A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe | 
"{68DE6B33-D453-4773-ADE8-3FEF5A241C63}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | 
"{747287B2-36C5-4A30-81D8-EE9592F6DB6C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{7540C862-8FDA-4DEF-9DB3-9B0007BE567F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\il-2 sturmovik cliffs of dover\launcher.exe | 
"{7A93A680-F7E5-40AD-A241-B606D9025087}" = protocol=6 | dir=in | app=c:\users\silberfuchs\appdata\local\temp\7zs762c\easyinst64.exe | 
"{7F47CD8F-D8AB-4ED4-A393-25E8C3EA39C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | 
"{80AE9258-4AA9-4572-85BE-1B63088AAD49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\il-2 sturmovik cliffs of dover\launcher.exe | 
"{80DBF973-D8C8-4959-BBC2-3E3DCD7D6F48}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{811C0DDE-DA1B-4C1B-9AA7-7C805FB848D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gt legends\sudo.exe | 
"{87360D1E-249A-4E15-BFB7-CA3A191CCD39}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{89F5BBE7-EBCA-4A17-8117-93A84CB40FC7}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{8C40DEDD-A80A-4E4A-A9A3-FF695FC87347}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{9729D379-DE98-449C-A877-083DFD84804F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{9C64D94E-2293-4B40-96D5-9EF47BB55207}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{A007ECB7-7E18-45F4-A87C-E2FC4C8F8D5C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{A1EFC41B-F2CE-4838-892F-7A202C37ABF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe | 
"{AD4BCD0B-0000-4510-90D3-C02E425D4E90}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{AE4E6954-E0A0-4887-85A1-AD67C68B191E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\final hours of tomb raider\the final hours of tomb raider.exe | 
"{B86CEDAA-891F-4035-82CD-016636CEED0B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{C553A113-FD8A-4732-88C4-50BC23596957}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | 
"{C8CE6601-28B0-4812-AB7B-7B191D383CDC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{C9FC7F74-B621-4949-ACBE-74F604EA0D6D}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{CB947E7E-38D6-45D3-8D79-B23ACAAA1B0B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe | 
"{DB1701AF-6644-4F57-8A7B-0EFFE360CD66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{DE6AFEE9-13EB-4AFB-847B-808AD3879E73}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 
"{DFEEC6B3-8AD0-41FE-96CE-EECA8823865B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{E76DE961-878E-4367-8F5F-D160F499A80F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{E7B963C5-7417-402E-9476-D7425AC996C2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{EAB3FB46-40C4-413D-AF89-9F2034F04E47}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{ED9F8C31-06D2-4797-95BD-7A7C98D408E7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | 
"{EE6A1466-73C2-4E18-977C-67F97A599195}" = protocol=17 | dir=in | app=c:\users\silberfuchs\appdata\local\temp\7zs762c\easyinst64.exe | 
"{F203D005-82A2-4B83-8765-0D4F8C3708D3}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{F28B64F2-AA80-4F9D-84EF-6A42ADB3BED2}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe | 
"{F7B205A2-FE7E-4955-AB22-0B30ECA560BE}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe | 
"{F7CF550A-22D3-4C11-9D91-CFD3AB6CE094}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe | 
"{F7F43B7A-20AB-41CF-8949-64A0BA218458}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{F8A9AA2D-4244-44D3-BDDF-CD54BBAB6A79}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 
"{F8FF8CAB-0485-4EA7-9A69-19E3AAE743BE}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe | 
"{F921C88C-A879-49CF-8945-046A58A7A9AB}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe | 
"TCP Query User{0A5C418B-6068-488F-A136-9177517521CE}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe | 
"TCP Query User{153ADEA8-7D8E-409D-9561-663374E7AC86}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"TCP Query User{2ED78E5E-75CC-4469-8CB3-423F21610DB7}C:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"TCP Query User{338EA1C3-A22D-4515-9B5A-B4C16F638734}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe | 
"UDP Query User{122E5ED6-E384-461C-97A5-6AC50381AF50}C:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"UDP Query User{437C2FC8-FC22-464C-9E9D-1A7714DE688A}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe | 
"UDP Query User{808F2364-CA1F-441D-89C3-D2BBFC88E153}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"UDP Query User{D8A7889D-26F7-4282-A107-26F91912A7AF}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFE818E-F1C7-44F8-A3C0-C08761906E27}" = Share64
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Support Center" = Dell Support Center
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"VLC media player" = VLC media player 2.0.2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"_{9C9078D1-FA30-4E1B-A194-983A4898F848}" = Corel KPT Collection
"_{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Pro X3
"_{DFAEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Project Creator
"{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A561DC3-36F0-4EBA-961D-531F82D053C9}" = Self-Service Plug-in
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EB183F5-17C6-45AA-96EC-888C615AD53C}" = Citrix Receiver (HDX Flash-Umleitung)
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{234AB115-C6C4-4ACB-A029-8845120E4F37}" = Online Plug-in
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{36B6CCCF-97C3-4BC3-8890-A2E778C0037E}" = Citrix Receiver Updater
"{37334614-FAB1-4C67-9973-BC6C1DF82DAE}" = Citrix Receiver (USB)
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{616AF091-D73C-481B-9113-FD758EB2F50A}" = MusicStage
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72E5E3F5-5BE3-BA64-49A6-4FA26EF69721}" = Catalyst Control Center InstallProxy
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9078D1-FA30-4E1B-A194-983A4898F848}" = Corel KPT Collection
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EDA3DD1-130D-4EE1-A3D2-5A3D795CC8C9}" = MFCLOC
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{ABD43F00-91CA-4BDC-A28E-CB3271A39386}" = Citrix Receiver (DV)
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}_954" = Adobe Acrobat 9.5.4 - CPSID_83708
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}" = Sound Blaster X-Fi
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBBB3C80-76F5-42B5-92A6-C4BF84796DCB}" = iRacing.com Race Simulation
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DD60885C-0CBE-40D8-AA14-11D8EDD7D97C}" = Citrix Receiver Inside
"{DD811185-0A2F-460A-B1DD-D786E6034011}" = Citrix Receiver(Aero)
"{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3
"{DE612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent
"{DE99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_CL
"{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW
"{DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}" = IPM_PSP_COM
"{DF4A2F61-1E26-4D51-94BB-36D77678BDAD}" = PSPH10Pro
"{DF4ABC2B-5CA9-48B2-9266-15AB78384D3C}" = Share
"{DF612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{DF75FFEE-2FCE-4774-902A-749198C00A68}" = PureHD
"{DF99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_PRJ
"{DFAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{DFBCC13A-E4F2-45EE-846F-D143CEDDDBCB}" = DeviceIO
"{DFC02397-E0EF-4891-820E-1547DCC6701B}" = ContentHD
"{DFC4FA35-7C6B-4C9E-863B-58C4D7472F41}" = VIO
"{DFD99A66-493F-468B-BCE1-6F88612B89D5}" = Contents
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8FC7C4A-FE4E-4356-A1B7-4DC57620DD5C}" = Citrix Authentication Manager
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALchemy" = Creative ALchemy
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"AudioCS" = Creative Audio-Systemsteuerung
"Avira AntiVir Desktop" = Avira Antivirus Premium
"AVMWLANCLI" = AVM FRITZ!WLAN
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"bc8a6440-918f-11dd-ad8b-0800200c9a66_is1" = Dungeons & Dragons Online v01.21.01.8029
"CameraWindowDC" = Canon Utilities CameraWindow DC 8
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Encoder" = Canon MOV Encoder
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Diagnostics 4_5" = Creative-Diagnose
"DivX Setup" = DivX-Setup
"DPP" = Canon Utilities Digital Photo Professional 3.11
"Drakensang Online" = Drakensang Online
"Host OpenAL" = Host OpenAL
"InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MapUtility" = Canon Utilities Map Utility
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PhotoStitch" = Canon Utilities PhotoStitch
"RealPlayer 16.0" = RealPlayer
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 203160" = Tomb Raider
"Steam App 203810" = Dear Esther
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 233410" = Final Hours of Tomb Raider
"Steam App 44690" = GT Legends
"Steam App 49520" = Borderlands 2
"Steam App 63950" = IL-2 Sturmovik: Cliffs of Dover
"Steam App 8980" = Borderlands
"VLC media player" = VLC media player 2.0.4
"Wakfu" = Wakfu
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.5
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1798081178-2521576082-293984026-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"PhotoZoom Pro 4" = BenVista PhotoZoom Pro 4.0.4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.03.2013 04:30:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (2236) Asapi: (09:30:00:4570)(2236) Asapi.State - Error -- 123 Plugin
 S3LogPusher.dll failed to load. 
 
Error - 22.03.2013 04:40:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (2260) Asapi: (09:40:00:4530)(2260) libAsapi.DynamicLoadedPlugin -
 Error -- 64 Unable to load library 'S3LogPusher.dll' 
 
Error - 22.03.2013 04:40:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (2260) Asapi: (09:40:00:4650)(2260) Asapi.State - Error -- 123 Plugin
 S3LogPusher.dll failed to load. 
 
Error - 22.03.2013 04:50:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (7620) Asapi: (09:50:00:4350)(7620) libAsapi.DynamicLoadedPlugin -
 Error -- 64 Unable to load library 'S3LogPusher.dll' 
 
Error - 22.03.2013 04:50:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (7620) Asapi: (09:50:00:4420)(7620) Asapi.State - Error -- 123 Plugin
 S3LogPusher.dll failed to load. 
 
Error - 22.03.2013 05:00:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (7384) Asapi: (10:00:00:4440)(7384) libAsapi.DynamicLoadedPlugin -
 Error -- 64 Unable to load library 'S3LogPusher.dll' 
 
Error - 22.03.2013 05:00:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (7384) Asapi: (10:00:00:4450)(7384) Asapi.State - Error -- 123 Plugin
 S3LogPusher.dll failed to load. 
 
Error - 22.03.2013 09:00:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (7972) Asapi: (14:00:00:4720)(7972) libAsapi.DynamicLoadedPlugin -
 Error -- 64 Unable to load library 'S3LogPusher.dll' 
 
Error - 22.03.2013 09:00:00 | Computer Name = Spirit_of_Yale | Source = PC-Doctor | ID = 1
Description = (7972) Asapi: (14:00:00:5040)(7972) Asapi.State - Error -- 123 Plugin
 S3LogPusher.dll failed to load. 
 
Error - 22.03.2013 12:42:18 | Computer Name = Spirit_of_Yale | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a1d3  Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814,
 Zeitstempel: 0x5138a0ed  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00172818  ID des fehlerhaften
 Prozesses: 0x208c  Startzeit der fehlerhaften Anwendung: 0x01ce2715deb39021  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 7504790c-930f-11e2-ac2b-bc0543033679
 
[ Dell Events ]
Error - 31.07.2012 17:43:11 | Computer Name = Spirit_of_Yale | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ System Events ]
Error - 28.03.2013 13:40:46 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7034
Description = Dienst "Office File und" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 28.03.2013 14:47:26 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 28.03.2013 14:52:00 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 28.03.2013 14:52:30 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 29.03.2013 05:28:39 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 29.03.2013 06:46:03 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 29.03.2013 06:46:33 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 29.03.2013 10:54:40 | Computer Name = Spirit_of_Yale | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR6 gefunden.
 
Error - 30.03.2013 08:10:18 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
Error - 30.03.2013 08:10:48 | Computer Name = Spirit_of_Yale | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SftService erreicht.
 
 
< End of report >
         
--- --- ---

Alt 01.04.2013, 12:20   #5
t'john
/// Helfer-Team
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL

O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Silberfuchs\AppData\Roaming\OCS\SM\SearchAnonymizer.exe File not found 
[2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe 
[2013.03.22 19:37:45 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job 
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{F1342FA3-538D-435E-A0DF-E4CD01D1689F}: "URL" = http://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0 
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{D70DDA23-9F7B-431F-BD31-E9BAB061F8D4}: "URL" = http://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26616D703B736F7572636569643D69653726616D703B726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263657D26616D703B69653D7B696E707574456E636F64696E673F7D266F653D7B6F7574707574456E636F64696E673F7D&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&k=0 
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{9290ABAB-8357-454A-AF21-F3AF24C4C031}: "URL" = http://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0 
IE - HKU\S-1-5-21-1798081178-2521576082-293984026-1000\..\SearchScopes\{84B8DBDE-1B58-4F95-99A8-53E4515511E0}: "URL" = http://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=9c3797a1-5c80-4ed8-8e7c-3d5daecd291d&pid=proxtubede&mode=bounce&k=0 
File not found (No name found) -- C:\Users\SILBERFUCHS\APPDATA\Roaming\MOZILLA\FIREFOX\PROFILES\RRS5N319.DEFAULT\EXTENSIONS\FIREJUMP@FIREJUMP.NET 
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) 
O4 - HKU\S-1-5-21-1798081178-2521576082-293984026-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () 

:Files 
C:\ProgramData\*.exe
C:\ProgramData\*.dll
C:\ProgramData\*.tmp
C:\ProgramData\TEMP
C:\Users\Silberfuchs\*.tmp
C:\Users\Silberfuchs\AppData\*.dll
C:\Users\Silberfuchs\AppData\*.exe
C:\Users\Silberfuchs\AppData\Local\Temp\*.exe
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache
ipconfig /flushdns /c
:Commands
[emptytemp]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread



dann:

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


__________________
Mfg, t'john
Das TB unterstützen

Alt 01.04.2013, 13:57   #6
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Hallo t'john,

danke für die Antwort. Den Fix per OTL habe ich durchgeführt und anschließend das JRT-Tool aufgerufen. Anschließend habe ich das System sicherheitshalber nochmal neu gestartet.

Leider erfolgt immer noch dieselbe automatische Weiterleitung, wenn ich auf die Seite gehe, teilweise komme ich erst im 3. Anlauf wirklich auf die gewünschte Seite.

Das Log vom JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.8 (03.31.2013:1)
OS: Windows 7 Home Premium x64
Ran by Silberfuchs on 01.04.2013 at 14:39:17,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FF7F5CCB-210D-405C-9A59-5937B05791CD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FF653699-3DFD-4BF4-9AB9-08D5EC9024AD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FF5ACE7D-A9AF-4AFF-AD37-48C68D24AA6F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FEDC4177-266C-4AC3-8484-A57B031741E6}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FECA070E-D3D0-47D3-9FF7-5FA1E3291D50}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FE7F87C3-15C5-4717-AA1A-BCD9E5BB9757}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FD1A6AA9-AB9B-4179-BDFC-E303A64C2B2F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FCCDC564-FD8B-4C32-8CF3-9D7E086E8620}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FC07C4DA-8E15-44D8-9CAC-B03AE569630C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{FAB1CD08-9F75-4649-A94E-4B3B253E991F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F9D040A7-5989-4151-AC31-5F827B8D26C0}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F88EDFF8-26EB-4D02-8654-FF4146CAEB4B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F5FC7737-7628-4B74-9955-CB2337E2EB73}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F4966B49-EE19-433B-9750-76E32A3A9120}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F42EB124-E422-467D-BFF3-67C2CB72D538}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F1CCDC0F-BC6F-429E-90C2-27FD6EEEF316}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F133D001-3DA8-4F3A-80BF-865FE8553612}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{F033D9FF-D59F-43A3-9CD0-03C051A7E40B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{EDA2DC97-6F60-4CC6-A36D-BF8D96F379D7}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{ECB15B7F-A99B-48BB-A9FE-6D3F98AFD625}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{EB2C7A98-BBE7-4408-A6ED-204CB6962576}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{EA0A5B4E-D34E-419F-935D-29060D6B42DC}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E760B812-7E65-441B-AFF0-E15774953A21}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E6D2CAEE-74DD-4551-ABDD-8173008B4F91}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E691AF9C-4C87-467E-AC0E-2902695B9CE8}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E656CAB8-89B9-4D42-A368-ECC78F2A1DB6}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E62C67B9-C1F6-4D21-8A35-5C2C6E23C056}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E60FEC08-AC81-496A-9CB7-1BC337E9625E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E5A86B08-108F-4E6E-8A21-CC6D0C44E20E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E59EE1AA-0AF2-4855-8327-288F4ADB22CA}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E540C12C-5CE4-4DE2-8E61-90434D753B82}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E491048B-3EB9-417C-8931-1316148403F0}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E3CAE312-3DBC-4F06-A257-4ED5A4DF8C43}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E2784471-CA11-415A-A92A-E98D459D0CAC}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{E0BC0A14-6C51-43CA-9F80-65F5CB6A6169}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{DF4FC118-6444-4862-952E-C731C883B51F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{DF4DAC50-8719-44AD-B217-5C8D597FFEE1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{DA3F27AE-99AE-4B14-AC16-8DE296F5CD29}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{DA203C90-01F9-4B47-97AE-56CA24BC2AE0}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D93268F9-5685-451F-8CB3-A10D81783516}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D85947DD-8CB0-4AAC-9FE4-2C2443BB09BB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D84FE02D-D333-4E3D-A232-4ABB98AF5F8E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D80C79AF-DE32-47B8-B21D-578A1DAA070F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D6C72C8B-89B8-484D-B346-2B5E4D71260F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D64A1C85-082B-43C3-B451-A9FEA98EA6A2}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D52C3BF8-DCF7-46F4-8389-90D92D3A56CC}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D4498586-7050-4BCD-8CC4-E9656537ACC9}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D1EB0EBA-0EC9-4D4A-BE39-F64A1F8A12D7}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D1AEEECD-9BF3-4A0B-BEAB-07B76669419D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{D01ED0F8-B333-410A-9531-0D6CFF4D8106}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{CF5821CC-E9A8-48FC-B3DF-DC39C83C67A4}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{CD4CBE12-AE9D-48E1-9125-98597507694C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{CD4763C2-A6C5-4DB0-A057-D69D71F5FE97}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{CCD52670-8FC0-4846-8F0E-40ED5145DB62}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{CC6E9C81-A70B-4414-9E57-FF9D3A890252}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{CB44A8EF-4C13-44A5-8D6A-A691E84EE9D7}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C86E8934-63BC-4CB4-B39A-4C983432EDF3}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C600572B-3774-4245-B1EE-217C297415EC}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C5E0B304-B092-4529-B81B-A49D05168B03}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C53681F4-4684-47D0-B7BA-61026C437982}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C43B44A6-EB3E-431D-8F4A-4C035C48C607}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C3A21F68-0339-4C44-8A93-DD9F14305E7D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C35688DD-E011-4260-BCE5-65BD210E2072}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C25BF0CD-2D1F-4C79-AB15-9D063663A494}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C1F7FB0D-F668-433A-84D7-002AB2DE1B60}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C17F756B-3DDA-4BF5-9F1D-0004EC80C309}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{C09D58FE-95FA-4713-8CCB-15934A8EF5F3}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{BF828A23-FFE8-4197-B9EC-E6CA357D8F84}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{BEB5FFC2-C5BF-4D81-A69B-3A0A260DCD86}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{BE8F5604-6C00-4F56-949B-B23851FDF70E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{BD25DDC3-7454-4759-94B3-70268E610B32}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{BD21A265-62EC-49B2-A466-17CB2347C5A8}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{BBA5ED8A-7575-4E65-B3E8-9BA576074599}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B98E01C8-BE12-4ED2-A37A-BA6687163ED1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B9243029-02A6-4710-9D91-1CA1C4FD2139}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B8DBF485-669B-4A2D-A874-68DE106E8AB3}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B843CA96-3F04-40AE-BCBC-8EDE11112EC9}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B7B67D2C-0C67-4D1E-9345-655849EDF7F9}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B77E16DC-9E32-43EC-83C8-F225AB70861B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B7663355-4022-421F-912E-E56FCBE76FD6}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B6D446B4-3FD3-4419-9F88-297147289B89}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B6C102EC-1460-43D3-962E-DE5C93A5A4BF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B6B7ADB4-9627-4AD3-9A42-BF76B53586F7}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B6731ADA-4E73-460F-B082-A85A34F3D214}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B59E05B6-3817-4605-A697-0F3082A8FB0D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{B457245B-EFCE-4305-B19D-253F012B556D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{ACBDEE9C-3268-4FA0-A2A3-6616B825365D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{AC2DD004-6DD9-4AE8-8477-8BEDA081A3A7}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{AC18D5EF-145B-4535-9934-1AADE5BE198B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{AA2B3E18-543F-4E25-BB42-493264EAB1FC}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A93109E7-2CF5-4E69-978B-E16E21ED365F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A66A8D55-573E-4352-970E-184A1A39C753}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A5314343-A595-4906-9F51-169A84BCB548}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A46234B0-8C12-4CAD-81FA-5CCDF0FB676E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A37BDF5A-ADED-4531-941D-61F1A9D55D02}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A1716804-05ED-4E31-86C5-B9D1F31DB10F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A11D6B74-F0A6-4CF4-8831-773311A8A9AA}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{A105A9FC-CA61-45A1-8B9D-13A1E4457F9E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{9DBF3436-A470-4C77-90BD-46C7D5FBE14A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{9D23C829-1358-487D-99AA-A47437DA7570}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{9BECCE61-ADDD-45DA-A9FA-33EAE5FD4D07}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{9BAF9F98-BF81-4A28-8771-FD62529F3CED}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{9974C502-BEC0-4746-BBE0-304722C704FC}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{9859F975-FCF0-4CE7-9A0D-8BC431DCE222}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{96ACF938-878F-4B01-856C-22C05B10BE47}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{961139E5-3E5B-4099-9C57-D51EEC9F099E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{94C8C302-30F8-458D-933F-D75E5061813A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{94971357-194F-4259-8E72-DFE8B9A7E1A4}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{93F3ACA5-B11C-4D4C-A21D-2F69150422D6}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{92E16489-DE77-47DD-AED8-66E273DAA360}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{929F30A5-9F74-495D-B4CA-647CBB6FE777}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{91ACB812-E14A-4AD3-B7F9-BF5AA3A3E841}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{915BC5C6-80B3-4970-8147-2BE430E840BF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{907DD782-A05B-42BF-B93B-1EB001737EC0}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8FC29D0B-C4AF-40D8-B166-280301952344}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8F35F0FD-670F-40DD-A0ED-DBDFF5AA0AB5}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8EB06E0F-1978-4E66-A920-36EFD54EE366}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8DF9D0DB-1D02-40B7-BF9A-0C9F41D9C482}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8D690A5B-BB55-4FA1-B998-8F7D0728C84C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8D3B4770-06E3-4E20-81D4-8AC1BF1695FB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8CA93B59-C1C3-40E4-9448-6E8023DB9780}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8C83A03A-9A60-4938-B1C4-18381C778266}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8C2C8BA7-0F6D-405F-8FD5-1B7CB66326A6}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{89A6796B-2A1C-408D-89A1-EE5922F77A5C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{898834B1-E72D-4EBE-BBEA-3F379B8DB6E8}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8851C703-8797-4682-9EA2-F4F324ABA3E6}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{874FA7F0-CC21-42FE-BC30-D4186D06E875}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{854EAE7F-5E4C-4457-8BF0-2B74232CD6FB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{84CBA03D-9CB5-4AB4-AADB-62070672B467}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{847B806B-FBEB-4128-9748-43ACF4B20B88}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{83322D16-0286-4414-A6B7-27C3C283AB2B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8296F439-8E1E-4270-BEC9-F400C752E972}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{826E8F0D-470A-47E4-A380-FCD32245B730}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{819FE3AE-D7D7-44DF-A5AF-15F1ED10F24A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{8175472F-1575-45C5-BDD0-4E745293E0D8}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{80BD581E-0282-43C8-A397-1F462F2C86C3}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{80790466-5D43-4D19-ADC3-CEE2B13401E7}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{7DE0C12B-9836-4CAB-B06E-EE9E2E889A77}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{7C1C6046-9069-48E3-BBDA-0667397CD075}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{7BF15CC0-53E9-4762-9CF7-00118901ADCE}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{7B8C23E1-B298-47E3-9445-93F65C5DFBCD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{7AB4624F-206A-4D4F-976D-AE3432333BA5}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{797BE1CD-6AF4-42C0-A2BB-D7173F8B1CD5}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{78C574BD-39FF-49C9-B1D7-FB24F1A83D50}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{77D0DF63-1187-450B-8E28-DCB01470AF95}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{757484D7-A1DE-46CB-93F0-10061FB08109}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{74ED16C8-AF42-41B6-8613-ADF6AD63A33A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{72C76C13-EEB6-499E-83CA-660000560111}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{72AED3C7-9874-491A-949D-AAC25D14454C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{70E055FD-9782-4CCC-BFE9-F9E2301ED29A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{703C0AAC-45E1-4ABB-A297-EFCCE45650E1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{6D73D7F0-E3BD-4B42-8FE6-CCBD7BCF89B1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{6A7C53B1-3F30-4DB3-801C-1734C1AEEB1D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{6A75E5AA-015F-479E-84CF-6D81D5113A7B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{6A484E1A-4DA7-4D16-844D-63DB4D05B9A8}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{6A2AF72A-DC8C-4885-B790-834C83CE70DF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{6A225E2F-F782-488F-9CDD-40E016A6609C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{67CD2C54-598C-496C-B340-10B4F54268CC}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{667E3539-E6C3-48E0-8A58-A435CC228258}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{632FAA8F-F4B8-45AE-AD85-0A0EB5F43CDB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{626B851C-8EF0-4A6A-839D-BB18067645A3}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{6251FE25-948E-4BC7-939A-2E5412D0CCD5}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{60CEDDB2-48AA-4A9A-9E6C-A050373C1AF1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{5C485B28-D625-4DE4-B335-D41778A8584B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{5B62AB93-362F-4548-8D43-583F657FCD26}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{5AC5BDE1-55A7-4454-B807-7396F910BD1A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{5A7535D9-85FC-4C67-8F50-447AE40BABCB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{5888A7C1-2F65-4626-AA52-3116D596C1EF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{58362825-6C37-4464-8B42-1B09D7B6107F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{56FAE939-ED5E-49ED-B8BA-159F4E55121B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{558B73A9-03EB-49A7-B166-F4714CDF2906}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{554DE2F6-DFDD-45D3-A2C9-D716649E2B75}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{552DFD36-4E61-4535-A6D7-6B78D45AD6C5}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{5471E92C-1D75-4BEF-B02D-32D83D57F770}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{5075A854-2077-4FCB-A5B4-5BFF71136CBE}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4E861D3A-A9EE-4360-BD0F-849C81AF6FED}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4E444D58-45B6-489F-A284-93C46EEB1861}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4DC17AE2-8222-4DFE-921D-5C2D1FA2FD04}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4DA7D5F7-4C8F-4D54-A4C4-0689B96CD903}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4C604A90-D673-4678-A3DE-81AAA2439181}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4C582BA7-48A1-4C40-8D2D-70C5466B9630}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{49377EF7-BEDF-4E13-BCA3-155D3C24AFFB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{48B816BF-29A6-4BBD-A5DA-1212635AC194}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{48768FE7-3D50-4039-B04A-9C7BD0106993}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{46CD0FFE-ECDD-4A37-A3DD-3D8CE408A369}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4682C245-1E74-4D82-B71E-B91380621626}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{446C4709-C75B-4E29-8001-7104796469AF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{42AE53D6-55D6-4CE7-A90B-92208A397AD4}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{421C5FAC-8B47-4F4C-92B8-3D61BCA18ED3}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{41E9C1B9-3D81-49A2-8FE1-87A6907B34DD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{41191330-ABF4-4024-BC2A-7CA1AC379E88}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{4005C11D-EB84-417D-A5D1-A17D5EFF529C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3FB6C66E-CD1C-4526-91E3-0DF356A59C59}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3ED330EE-4C06-4513-947C-AA01C00AD545}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3E40059F-120A-432E-BC32-627E2B907F02}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3DB5C356-D8BF-44C4-ABE2-105C738CD377}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3C013476-A387-4085-A5FF-1D0F98BD7A0D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3B477237-693F-4BE7-88D7-4615D0F904E8}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3B3F6820-AC12-4915-BD65-4DB56724F447}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3A835C03-A63D-414D-9A76-684E81D0D3B0}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{395CFF6F-8711-454D-9D5A-7FC95921CCF9}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3907CE62-BBF9-430D-865A-DA9E44B9D5EF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{38B17876-6363-4043-A92B-5BD15DF93B05}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3880F7E5-D94F-4CD2-AB4F-529C2CA5D162}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{383EB6EF-5238-4BC1-8C3D-4ECC56828874}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{380BAA7A-32E1-471B-AF19-0193434AE211}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{379E5F9B-1E3B-4C22-8B61-8CF4DB7A44CB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{37391112-7609-43C2-ADB1-AC375AEB39FB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{371AE4B0-E45F-4913-9125-842A90350BBF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{36F4FFAA-D48A-4AB1-8E5C-00CED6BF1F60}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{364EBECF-7308-453A-8E35-BA92F4F5EEFD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{35777AC7-E7C4-4523-9B30-6E7DE625D5AA}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{356842A9-5662-4F72-A9F2-C563F43BEEB5}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3501D70B-BDC1-4ECC-8AD1-F55272A7362E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{34940C7D-5001-461B-AC17-58212A9B4910}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{3456D916-C751-4F0A-9E3A-0328DFCF08F1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{33FB8C3A-A045-4960-A774-694D37DD1156}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{33C8E003-98F3-46E0-833B-E000BB62F3BF}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{331DB7DE-9F6A-4658-B55D-5E72769DFEFA}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{32A7F27B-F1DE-44EF-991F-D92AEB13E54A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2F0D3E86-8274-4645-BA18-D94F8BDCB2F6}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2EF63579-C24C-4686-A562-53B00CA11166}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2ECF0714-DD8E-46D1-AD08-52CF4A2DA6C3}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2E4F51F2-240A-4A29-99A0-7B8A11328B9F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2DC19E7B-04CD-4EC5-84D5-31F4372381AD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2D62D3E5-69BF-48BE-B6D6-689884AB9F83}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2A1729F8-8A75-4B7A-A05A-1903B68C05FB}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{29EEE524-AB18-4EDD-A7CA-2CC29FD49082}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{29D58A5B-34FA-42A5-8278-11948BEA1DCD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{2817E875-00D9-48D8-8EAD-40424E2C2770}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{27156357-5A90-4632-A09B-D7BE768E2FB1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{24E0C350-7D63-437C-9503-690D3A3E90B1}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{239FF458-3308-4898-80CC-4870DB13A6D9}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{220FF49A-952F-450C-AA04-D46AD911FF38}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{20C7FCCF-79BA-4E69-AD43-BAB1D2D5479B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{1F043EF0-4512-455F-A5D0-0607A5586662}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{1E652196-F0AA-481A-A2A4-B9B2896E5A1B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{1DC1B683-FC19-434F-BAEC-2657556BE49B}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{1B911FA1-0627-4ED3-B82D-89F8FBD3BB65}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{1A3B4C77-3D90-4C20-8347-8BF45BDFFDA8}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{18BDBEA2-AE8D-4D33-ACB0-762C9DBF2548}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{171CA482-07BD-4E6B-82DB-1DB75676F22E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{1713A56E-E1A4-4FAB-B8DF-B0B39A71F6DD}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{13A0D6C3-6562-456E-885F-9F6DF5ECF857}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{138E3996-4045-4111-AB13-FF13312D1205}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{10C56CF5-0E86-4DA9-981B-7A8E565E8CD0}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{10B31CF0-961A-4015-9ACF-90B8944F3192}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{1091EA87-D335-4862-8EA9-4BED8A2D0683}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{104ED59E-4369-4045-96E4-645804D01913}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0F461ACB-FBFA-4001-B757-A628E6278882}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0F131D24-FFA0-4269-9631-02145AF35A4F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0DF3535E-13A3-4D3D-82BC-123E24951506}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0C935B97-1762-43F1-8FAC-848F18394363}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0BA55162-F468-452C-BDEB-00DB427C318C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0B765C00-E687-40C2-8BEA-90523424421E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0B61522B-D865-4817-AE87-720685757D6E}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0AE80D7A-6741-476E-AD7A-1DB35487B818}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{0A521375-2FFC-4DB4-83B2-6C9AAFCEE409}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{08E03DEF-750F-4954-9895-B278E8708CF9}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{07334EB1-3C79-464D-8D88-1141A970D03A}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{070B1D2B-DC77-4E8C-8FF4-5E3AB40A4F5F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{068BC21A-966A-4596-B741-9BDC168D8C9D}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{04BBA787-112E-403E-BB06-DA4FDF250F1F}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{03807A03-D6EC-47B5-AA9F-F5F68088939C}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{02666CF9-3E74-4B2F-93CA-4CBF25D83FF9}
Successfully deleted: [Empty Folder] C:\Users\Silberfuchs\appdata\local\{01E33DCD-295F-413A-8E18-D3B67ABFF3B5}



~~~ FireFox

Emptied folder: C:\Users\Silberfuchs\AppData\Roaming\mozilla\firefox\profiles\rrs5n319.default\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.04.2013 at 14:43:49,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alt 01.04.2013, 14:38   #7
t'john
/// Helfer-Team
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Wo ist das Fix-Log?
__________________
Mfg, t'john
Das TB unterstützen

Alt 01.04.2013, 14:52   #8
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Sorry, hab übersehen, dass ich das auch posten sollte. Hier ist es:


All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Ocs_SM deleted successfully.
C:\WINDOWS\MusiccityDownload.exe moved successfully.
C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job moved successfully.
Registry key HKEY_USERS\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F1342FA3-538D-435E-A0DF-E4CD01D1689F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F1342FA3-538D-435E-A0DF-E4CD01D1689F}\ not found.
Registry key HKEY_USERS\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D70DDA23-9F7B-431F-BD31-E9BAB061F8D4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D70DDA23-9F7B-431F-BD31-E9BAB061F8D4}\ not found.
Registry key HKEY_USERS\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9290ABAB-8357-454A-AF21-F3AF24C4C031}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9290ABAB-8357-454A-AF21-F3AF24C4C031}\ not found.
Registry key HKEY_USERS\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Internet Explorer\SearchScopes\{84B8DBDE-1B58-4F95-99A8-53E4515511E0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84B8DBDE-1B58-4F95-99A8-53E4515511E0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe moved successfully.
========== FILES ==========
File\Folder C:\ProgramData\*.exe not found.
File\Folder C:\ProgramData\*.dll not found.
File\Folder C:\ProgramData\*.tmp not found.
C:\ProgramData\Temp\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F} folder moved successfully.
C:\ProgramData\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} folder moved successfully.
C:\ProgramData\Temp folder moved successfully.
File\Folder C:\Users\Silberfuchs\*.tmp not found.
File\Folder C:\Users\Silberfuchs\AppData\*.dll not found.
File\Folder C:\Users\Silberfuchs\AppData\*.exe not found.
C:\Users\Silberfuchs\AppData\Local\Temp\ConfigurationWizard.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\MSN7D3C.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\nvStInst.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\siinst.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\SkypeSetup.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\vlc-2.0.4-win32.exe moved successfully.
C:\Users\Silberfuchs\AppData\Local\Temp\vlc-2.0.5-win32.exe moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Silberfuchs\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Silberfuchs\Desktop\cmd.bat deleted successfully.
C:\Users\Silberfuchs\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Silberfuchs
->Temp folder emptied: 849759006 bytes
->Temporary Internet Files folder emptied: 1151234150 bytes
->FireFox cache emptied: 80370957 bytes
->Flash cache emptied: 24652 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 241664 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 148778045 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40848 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 755 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1419366 bytes
RecycleBin emptied: 25453104333 bytes

Total Files Cleaned = 26.402,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04012013_142504

Files\Folders moved on Reboot...
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\U8FF3WPF\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[1].js not found!
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3MNMDHO5\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[1].js not found!
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3MNMDHO5\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[2].js not found!
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3MNMDHO5\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[3].js not found!
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3MNMDHO5\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[4].js not found!
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\2XV18BSL\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[1].js not found!
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\2XV18BSL\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[2].js not found!
File\Folder C:\Users\Silberfuchs\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\2XV18BSL\iddle2,Middle3,Bottom,Bottom1,Bottom2,Bottom3,Position1,Position2,x01,x02,x03,x04,x05,x06,x07,x08,x09,x10,x11,x12,x20,x21,x 22,x23,x70,VMiddle2,VMiddle,VRight,Spezial[3].js not found!
C:\Users\Silberfuchs\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Silberfuchs\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Alt 01.04.2013, 19:32   #9
t'john
/// Helfer-Team
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Problem immer noch vorhadnen?

Welche Browser sind betroffen?
__________________
Mfg, t'john
Das TB unterstützen

Alt 01.04.2013, 20:09   #10
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Hallo t'john,

ja, das Problem ist leider immer noch vorhanden, dafür ist nun aber schonmal diese merkwürdige Anonymisierungs-Zwischenschaltung weg, die ich seit einer Weile hatte.

Ich hab es ausprobiert mit IE 9, dann IE 9 deinstalliert, unter IE 8 gleiches Problem. Dann IE 10 installiert, gleiches Problem. Firefox funktioniert einwandfrei, ohne Weiterleitung, Stand ist da 19.0.2.

Ich habe die Weiterleitung nur auf der einen Seite und auch da nicht immer, sondern so 50% der Fälle.

Alt 01.04.2013, 20:31   #11
t'john
/// Helfer-Team
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



dann

Bitte lade dir ZOEK auf deinen Desktop und starte es.
Falls ihre virenscanner reklamiert kannst du das ignorieren, unsere tools werden öfter falsch angezeigt.
  • Klicke auf Options
  • Hake an: Firefox Look
  • Hake an: Chrome Look
  • Hake an: Auto Clean
  • Klicke auf Run Script und warte bis das Programm durchgelaufen ist.
  • Am Ende erstellt es ein Logfile (auch hier: c:\zoek-results.txt)
Poste mir dieses Logfile.
__________________
Mfg, t'john
Das TB unterstützen

Alt 02.04.2013, 12:57   #12
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Das Log vom AdwCleaner:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.115 - Datei am 02/04/2013 um 13:43:46 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Silberfuchs - SPIRIT_OF_YALE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Silberfuchs\Desktop\AdwCleaner2115.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\Silberfuchs\AppData\Roaming\Mozilla\Firefox\Profiles\rrs5n319.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2424 octets] - [29/03/2013 12:41:01]
AdwCleaner[R2].txt - [2473 octets] - [29/03/2013 12:43:16]
AdwCleaner[R3].txt - [1118 octets] - [29/03/2013 18:25:05]
AdwCleaner[R4].txt - [932 octets] - [02/04/2013 13:43:46]
AdwCleaner[S1].txt - [425 octets] - [29/03/2013 12:41:47]
AdwCleaner[S2].txt - [2557 octets] - [29/03/2013 12:43:35]

########## EOF - C:\AdwCleaner[R4].txt - [1110 octets] ##########
         
--- --- ---

Das Log von ZOEK:

Zoek.exe Version 4.0.0.2 Updated 31-03-2013
Tool run by Silberfuchs on 02.04.2013 at 13:46:30,47.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Files \ Folders ======================

"C:\ProgramData\A7150A47DA.sys" deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Silberfuchs\AppData\Roaming\Mozilla\Firefox\Profiles\rrs5n319.default
D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2
47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash
FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
555E65306A5D3A5978BE74E1DD62CDD9 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
E32771B0AE3F18CEFFC12D682025238A - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aakchaleigkohafkfjfjbblobjifikek - C:\Users\Silberfuchs\AppData\LocalLow\proxtube\CHROME\proxtube.crx[19.04.2012 15:10]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 21:35]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 15:13]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{4AE3731B-D905-4C59-9CA5-31897F800B14}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{49606DC7-976D-4030-A74E-9FB5C842FA68} Unknown Url="Not_Found"
{4AE3731B-D905-4C59-9CA5-31897F800B14} Google Url="hxxp://www.google.com/search?q={searchTerms}&amp;sourceid=ie7&amp;rls=com.microsoft:{language}:{referrer:source}&amp;ie={inputEncoding?}&oe={outputEncoding?}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1798081178-2521576082-293984026-1000\Software\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Silberfuchs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Silberfuchs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U704WV3 will be deleted at reboot
C:\Users\Silberfuchs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RVHRG2O6 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Silberfuchs\AppData\Local\Mozilla\Firefox\Profiles\rrs5n319.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SILBER~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Silberfuchs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U704WV3" not found
"C:\Users\Silberfuchs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RVHRG2O6" not found

Hab es gerade nochmal ausprobiert, die Weiterleitung ist irgendwie immer noch aktiv, ich begreif es nicht ...

Alt 02.04.2013, 14:40   #13
t'john
/// Helfer-Team
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Neustarten.

Kommt die weiterleitung nur auf einer bestimmten Seite, oder auch wenn du auf z.b. spiegel.de surfst?
__________________
Mfg, t'john
Das TB unterstützen

Alt 02.04.2013, 16:43   #14
Tro70
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Hab nochmal neu gebootet, unverändert.

Ich hab gerade verschiedene Seiten ausprobiert. Chatcity macht Probleme, Amazon läuft, Spiegel läuft. Interessanterweise hatte ich nun auch Probleme auf Ebay.de, da sind mir bislang keine Weiterleitungen aufgefallen, obwohl ich in den letzten Tagen oft auf der Seite unterwegs war, könnte also neu hinzugekommen sein.

Alt 03.04.2013, 08:41   #15
t'john
/// Helfer-Team
 
Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Standard

Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite



Gut, dann ma ein frisches OTL-Log


Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite
adresse, aktuell, andere, anderer, bestimmte, betriebssystem, explorer, fund, interne, internet, internet explorer, kurzzeitig, liefert, link, problem, probleme, seite, surfe, surfen, unregelmäßige, versuche, weitergeleitet, weiterhelfen, weiterleitung, win



Ähnliche Themen: Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite


  1. Windows 7: Öffnet beim Anklicken in Firefox eine zusätzliche Web-Seite mit Werbung
    Log-Analyse und Auswertung - 20.07.2015 (3)
  2. Win Vista: Eine bestimmte Seite lädt nicht (alle Browser)
    Plagegeister aller Art und deren Bekämpfung - 01.10.2014 (20)
  3. Internet-Browser zeigt beim Start automatisch eine Survey-Seite
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (3)
  4. Chrome öffnet beim Surfen automatisch neue Seite http://static.icmapp.com/
    Plagegeister aller Art und deren Bekämpfung - 10.12.2013 (11)
  5. Chrome öffnet beim Surfen automatisch neue Seite http://static.icmapp.com/
    Plagegeister aller Art und deren Bekämpfung - 18.11.2013 (7)
  6. Eine bestimmte Internet Seite kann nicht geöffnet werden (Server nicht gefunden) am vorherigen PC gings über Ausnahmeregel
    Alles rund um Windows - 30.05.2013 (3)
  7. Bestimmte Seite nicht erreichbar Netzwerküberschreitung
    Netzwerk und Hardware - 30.09.2012 (3)
  8. Bestimmte Seite.
    Alles rund um Windows - 17.09.2012 (6)
  9. Google Suche - Klick auf homepage - Weiterleitung über mehrere Seiten auf eine falsche Seite
    Plagegeister aller Art und deren Bekämpfung - 28.08.2012 (23)
  10. Beim Surfen öffnete ein Pop-Up automatisch eine PDF-Datei: Virusmeldung
    Log-Analyse und Auswertung - 29.09.2011 (14)
  11. Firefox startet immer bestimmte Seite
    Plagegeister aller Art und deren Bekämpfung - 05.06.2011 (37)
  12. Kann bestimmte seite nicht öffnen...Virus?...Trojaner?
    Log-Analyse und Auswertung - 19.10.2010 (8)
  13. Probleme beim Pc-Start, unregelmäßige Abstürze des Systems
    Log-Analyse und Auswertung - 01.08.2010 (8)
  14. fremde seite öffnet sich In Mozilla firefox beim Surfen.
    Plagegeister aller Art und deren Bekämpfung - 25.07.2010 (37)
  15. Beim surfen plötzlich eine Virenmeldung von Firefox
    Log-Analyse und Auswertung - 22.10.2009 (8)
  16. Blue-Screen nach Weiterleitung auf eine verdächtige Seite
    Log-Analyse und Auswertung - 09.02.2009 (0)
  17. Bestimmte Seite mit Adobe Reader öffnen
    Alles rund um Windows - 04.03.2006 (5)

Zum Thema Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite - Hallo, ich habe ein Problem mit dem Internet Explorer 9 (Betriebssystem Win 7 64), wenn ich auf eine bestimmte Seite (www.chatcity.de) gehe: Bei ca. einem von drei Versuchen werde ich - Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite...
Archiv
Du betrachtest: Unregelmäßige Weiterleitung beim Surfen auf eine bestimmte Seite auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.