| SuppiSuppenh | 06.05.2013 22:01 |
Verzeiht bitte meine Naivität.
Ich dachte ein Scan schadet nichts ....
Dennoch hier die Ergebnisse aus OTL:
OTL.Txt Code:
OTL logfile created on: 06.05.2013 22:39:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bla\Desktop\TrojanerBoard
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 50,77% Memory free
7,99 Gb Paging File | 5,85 Gb Available in Paging File | 73,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144,04 Gb Total Space | 34,82 Gb Free Space | 24,17% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 22,54 Gb Free Space | 16,39% Space Free | Partition Type: NTFS
Drive E: | 1,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: BlaS-NOTEBOOK | User Name: Bla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.06 17:14:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bla\Desktop\TrojanerBoard\OTL.exe
PRC - [2013.04.23 13:48:20 | 000,844,144 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.04.23 13:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013.04.23 13:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013.04.12 11:49:53 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bla\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.24 16:05:36 | 000,581,496 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2012.09.24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012.08.19 04:03:20 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Family\Engine\2.6.0.73\ccSvcHst.exe
PRC - [2012.07.16 16:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.07.16 16:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2011.10.14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2011.10.14 08:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2011.10.14 08:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010.02.06 22:12:48 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe
PRC - [2010.01.18 15:05:36 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009.12.15 20:11:48 | 001,115,728 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.12 11:49:53 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.02.13 17:57:25 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013.01.11 12:15:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll
MOD - [2013.01.11 12:14:30 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013.01.10 00:30:08 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2013.01.10 00:29:51 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2013.01.10 00:29:48 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2013.01.10 00:29:47 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll
MOD - [2013.01.10 00:29:39 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.01.10 00:29:39 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2013.01.10 00:29:34 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.01.10 00:29:25 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012.12.12 07:32:26 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012.10.05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.10.05 12:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012.08.31 12:59:19 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.3.1.22\wincfi39.dll
MOD - [2011.12.25 22:42:15 | 005,255,168 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:58:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.11.05 03:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010.11.05 03:58:10 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2010.11.05 03:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010.02.06 22:12:48 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe
MOD - [2009.06.10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009.06.03 02:13:02 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
SRV - [2013.04.17 20:48:07 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.12 11:49:53 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.27 10:04:34 | 000,183,264 | ---- | M] (Soluto) [Auto | Running] -- C:\Programme\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV - [2013.01.27 10:04:32 | 000,553,440 | ---- | M] (Soluto) [Auto | Running] -- C:\Programme\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2013.01.27 10:00:18 | 001,239,552 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Programme\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe -- (NIS)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.17 15:46:50 | 000,137,488 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012.09.24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012.09.24 16:04:32 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012.08.19 04:03:20 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Family\Engine\2.6.0.73\ccSvcHst.exe -- (NSM)
SRV - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.06.25 16:06:30 | 003,325,232 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.06.25 16:06:08 | 000,272,688 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.06.25 16:05:54 | 000,628,016 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.06.25 16:05:28 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012.04.23 17:23:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012.03.15 07:09:20 | 000,659,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011.10.14 08:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.09.10 11:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- D:\Werkzeuge\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010.05.18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.10 10:43:34 | 000,506,880 | ---- | M] (AVerMedia Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.12.03 13:14:06 | 000,169,472 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.06.03 02:12:50 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2009.04.09 11:49:30 | 000,344,064 | ---- | M] (AVerMedia) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.03.01 03:55:52 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- D:\Werkzeuge\SiSoftware Sandra Business 2013.SP2\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008.12.10 18:01:50 | 000,405,504 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.03 09:58:18 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.04.03 09:58:18 | 000,103,064 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.01.31 05:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.01.31 05:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.01.29 03:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.01.29 03:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.01.27 09:59:58 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2013.01.22 04:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.sys -- (SymDS)
DRV:64bit: - [2012.12.19 15:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.12.01 14:01:01 | 000,175,928 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2012.12.01 14:00:11 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012.12.01 13:58:51 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.12.01 13:58:51 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.11.16 04:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.11.16 04:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.11.15 15:03:58 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.11.05 16:52:53 | 000,147,456 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv06.sys -- (acedrv06)
DRV:64bit: - [2012.10.26 18:24:11 | 008,616,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012.10.26 18:10:56 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.10.26 18:10:34 | 000,027,960 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.10.26 18:10:23 | 000,018,832 | ---- | M] (PenMount) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pmkbdfltr.sys -- (pmkbdfltr)
DRV:64bit: - [2012.08.08 19:50:44 | 000,043,680 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2012.08.07 04:24:46 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSMx64\0206000.049\ccsetx64.sys -- (ccSet_NSM)
DRV:64bit: - [2012.07.21 08:53:40 | 000,243,872 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NSMx64\0206000.049\symrdrs.sys -- (SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A})
DRV:64bit: - [2012.03.15 06:02:46 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.03.15 06:02:46 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.04 23:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2011.07.08 01:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.06.28 08:50:34 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.05.10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.12.02 10:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010.12.02 10:36:40 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.04.01 09:53:32 | 000,307,072 | ---- | M] (AVEO Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVEOdcnt.sys -- (AVEO)
DRV:64bit: - [2010.03.29 11:17:57 | 000,064,040 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2010.01.13 18:37:16 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.11.09 12:10:44 | 000,037,392 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.09.02 11:05:02 | 000,147,968 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw99bda.sys -- (HCW99BDA)
DRV:64bit: - [2009.08.28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.18 00:52:02 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.06 15:33:50 | 000,019,456 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw95rc.sys -- (hcw95rc)
DRV:64bit: - [2009.07.06 15:32:36 | 000,658,432 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw95bda.sys -- (hcw95bda)
DRV:64bit: - [2009.06.30 10:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.22 08:32:52 | 000,311,424 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAF15.sys -- (AVerAF15)
DRV:64bit: - [2009.03.09 16:58:00 | 000,060,416 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009.01.19 20:32:22 | 000,334,344 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2008.01.09 11:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2007.04.23 15:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt)
DRV:64bit: - [2007.04.23 15:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007.04.23 15:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007.04.23 15:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007.04.23 15:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus)
DRV - [2013.04.18 12:09:20 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013.04.13 01:53:05 | 001,390,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130412.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.02.26 15:40:53 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130506.006\ex64.sys -- (NAVEX15)
DRV - [2013.02.26 15:40:53 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.02.26 15:40:53 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130506.006\eng64.sys -- (NAVENG)
DRV - [2012.09.24 16:04:50 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2012.09.18 15:36:12 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130505.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012.08.13 14:30:36 | 000,025,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\PerformanceTest\DirectIo64.sys -- (DIRECTIO)
DRV - [2012.08.11 18:53:26 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.12.04 23:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009.10.05 19:15:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/06/01 14:22:50] [Kernel | Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- D:\Werkzeuge\SiSoftware Sandra Business 2013.SP2\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.12.16 11:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\WSVD.sys -- (WSVD)
DRV - [2007.12.15 17:38:52 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- D:\Werkzeuge\SetFSB\WinRing0x64.sys -- (WinRing0_1_0_1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=24430f89-1393-477f-8171-a9fae0e510dc&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0709&m=aspire_8930
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=24430f89-1393-477f-8171-a9fae0e510dc&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=24430f89-1393-477f-8171-a9fae0e510dc&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=24430f89-1393-477f-8171-a9fae0e510dc&searchtype=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=24430f89-1393-477f-8171-a9fae0e510dc&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=24430f89-1393-477f-8171-a9fae0e510dc&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=24430f89-1393-477f-8171-a9fae0e510dc&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKCU\..\SearchScopes\{B692121E-BADF-4BC3-B8B6-33FAA80A195C}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{E62FA99B-083E-4FF1-8757-00D917D5D87B}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE334
IE - HKCU\..\SearchScopes\{E7BCBD07-A36D-401D-BA99-54500705C85E}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Bla\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Bla\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bla\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bla\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013.05.06 22:35:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}: C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.6.0.43\coFFFw\ [2013.05.06 22:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.13 14:00:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2012.09.19 06:36:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2012.12.08 21:25:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.04.24 11:39:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 11:49:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 11:49:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 11:49:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 11:49:41 | 000,000,000 | ---D | M]
[2011.04.30 22:56:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\Extensions
[2011.04.30 22:56:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\Extensions\MediaCoderPrefs
[2013.05.06 21:05:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions
[2013.04.08 10:40:43 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013.04.12 13:15:04 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.10.10 13:12:54 | 000,000,000 | ---D | M] (Clippings) -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2013.02.23 18:53:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.02.01 19:35:45 | 000,000,000 | ---D | M] (New Tab King) -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}
[2013.04.16 16:14:09 | 000,000,000 | ---D | M] (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\de_DE@dicts.j3e.de
[2013.04.14 18:45:40 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\fb_add_on@avm.de
[2012.10.28 10:14:49 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Users\Bla\AppData\Roaming\mozilla\Firefox\Profiles\e0zpy63m.Bla\extensions\netvideohunter@netvideohunter.com
[2013.02.23 17:14:12 | 002,163,784 | ---- | M] () (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\firefox\profiles\e0zpy63m.Bla\extensions\firebug@software.joehewitt.com.xpi
[2011.10.07 16:56:10 | 000,011,036 | ---- | M] () (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\firefox\profiles\e0zpy63m.Bla\extensions\searchhighlight@piwisoft.com.xpi
[2012.11.13 09:48:35 | 000,090,868 | ---- | M] () (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\firefox\profiles\e0zpy63m.Bla\extensions\tinyurl.addon@fast-chat.co.uk.xpi
[2013.03.04 16:42:49 | 000,872,587 | ---- | M] () (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\firefox\profiles\e0zpy63m.Bla\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013.05.06 21:05:12 | 001,360,435 | ---- | M] () (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\firefox\profiles\e0zpy63m.Bla\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2013.02.14 16:51:22 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\firefox\profiles\e0zpy63m.Bla\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.20 11:52:10 | 000,765,412 | ---- | M] () (No name found) -- C:\Users\Bla\AppData\Roaming\mozilla\firefox\profiles\e0zpy63m.Bla\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013.04.12 11:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 11:49:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.04.12 11:49:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.04.12 11:49:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.04.12 11:49:53 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.16 12:05:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.16 12:05:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.16 12:05:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.16 12:05:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.16 12:05:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.16 12:05:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.06.30 11:17:35 | 000,001,476 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 iw2.slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 h3.slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 update.slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 sb2slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 ns6.gandi.net # AnyDVD
O1 - Hosts: 127.0.0.1 ev1slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 reverse.privatedns.com # AnyDVD
O1 - Hosts: 127.0.0.1 update.slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 ev1slysoft.com # AnyDVD
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com # Alcohol 120%
O1 - Hosts: 127.0.0.1 alcohol-soft.com # Alcohol 120%
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com # Alcohol 120%
O1 - Hosts: 127.0.0.1 mermaidconsulting.dk # Alcohol 120%
O1 - Hosts: 127.0.0.1 195.137.236.101 # Alcohol 120%
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Family BHO) - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files (x86)\Norton Family\Engine\2.6.0.73\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [AlSrvN] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe ()
O4 - HKCU..\Run: [Directory Opus Desktop Dblclk] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe (GP Software)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Bla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Autostart).lnk = File not found
O4 - Startup: C:\Users\Bla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bla\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Bla\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bla\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bla\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bla\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FDFE86F-E4E0-4AF2-9646-16B3C9A184A1}: DhcpNameServer = 10.111.81.129 10.129.32.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB80BB64-0C03-4339-8778-252949213388}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAM FILES (X86)\PROCESSEXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAM FILES (X86)\PROCESSEXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O28:64bit: - HKLM ShellExecuteHooks: {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Programme\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
O28 - HKLM ShellExecuteHooks: {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Programme\GPSoftware\Directory Opus\dopuslib32.dll (GP Software)
O28 - HKCU ShellExecuteHooks: {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{22f7e4f8-6999-11df-824a-001e331d8665}\Shell - "" = AutoRun
O33 - MountPoints2\{22f7e4f8-6999-11df-824a-001e331d8665}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe
O33 - MountPoints2\{4c668722-0c1c-11e0-85dc-001e331d8665}\Shell - "" = AutoRun
O33 - MountPoints2\{4c668722-0c1c-11e0-85dc-001e331d8665}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{8828b03a-68c8-11df-bd0e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8828b03a-68c8-11df-bd0e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{bd76efc0-a304-11e0-8727-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bd76efc0-a304-11e0-8727-806e6f6e6963}\Shell\AutoRun\command - "" = F:\BBCAuto.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.06 18:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.04 16:12:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.05.03 20:30:40 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.05.03 20:30:40 | 000,103,064 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.05.03 20:26:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.05.03 20:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.05.03 20:23:15 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.05.03 20:21:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2013.05.02 11:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.05.01 18:24:21 | 000,000,000 | ---D | C] -- C:\Users\Bla\AppData\Roaming\PDF Architect
[2013.04.24 11:39:39 | 000,000,000 | ---D | C] -- C:\Users\Bla\Documents\PDF Architect Files
[2013.04.24 11:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
[2013.04.24 11:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Architect
[2013.04.24 11:39:19 | 000,000,000 | ---D | C] -- C:\Users\Bla\AppData\Roaming\pdfforge
[2013.04.24 11:39:13 | 000,110,264 | ---- | C] (pdfforge GmbH) -- C:\Windows\SysNative\pdfcmon.dll
[2013.04.24 11:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2013.04.24 07:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase-6
[2013.04.24 07:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.12 22:21:33 | 000,000,000 | ---D | C] -- C:\Users\Bla\Documents\3DMark 11
[2013.04.12 22:21:10 | 000,000,000 | ---D | C] -- C:\Users\Bla\AppData\Local\Futuremark
[2013.04.12 22:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2013.04.12 22:08:51 | 000,000,000 | ---D | C] -- C:\Users\Bla\Documents\PassMark
[2013.04.12 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Bla\AppData\Local\PassMark
[2013.04.12 22:08:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
[2013.04.12 22:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Passmark
[2013.04.12 22:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\PerformanceTest
[2013.04.12 20:09:05 | 000,000,000 | ---D | C] -- C:\Users\Bla\AppData\Local\Futuremark_Corporation
[2013.04.12 20:08:47 | 000,000,000 | ---D | C] -- C:\Users\Bla\Documents\PCMark 7
[2013.04.12 19:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2013.04.12 19:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2013.04.12 19:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2013.04.12 19:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2013.04.12 11:48:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.09 20:14:56 | 000,000,000 | ---D | C] -- C:\Users\Bla\Desktop\Garmin Export
[2013.04.07 10:55:56 | 000,000,000 | ---D | C] -- C:\Users\Bla\Desktop\Zoo
[2011.06.22 10:42:55 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Bla\AppData\Roaming\pcouffin.sys
[2011.04.16 16:12:20 | 003,116,051 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Program Files (x86)\uninstall.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.06 22:46:14 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.06 22:46:14 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.06 22:35:29 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.06 22:34:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.06 22:33:44 | 3218,833,408 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.06 22:31:12 | 000,000,216 | ---- | M] () -- C:\Users\Bla\defogger_reenable
[2013.05.06 22:12:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.06 21:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.06 17:08:37 | 001,629,878 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.06 17:08:37 | 000,702,788 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.06 17:08:37 | 000,657,370 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.06 17:08:37 | 000,151,322 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.06 17:08:37 | 000,123,676 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.05 20:06:57 | 000,022,914 | ---- | M] () -- C:\Users\Bla\Desktop\Bestellung Nummer 100005217 drucken _ www.elektrogeraete-neumann24.de.pdf
[2013.05.04 10:23:22 | 002,487,596 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB
[2013.05.02 16:18:09 | 000,004,242 | ---- | M] () -- C:\Users\Bla\AppData\Local\recently-used.xbel
[2013.05.02 11:04:33 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.04.30 06:32:06 | 762,313,848 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.04.28 10:53:44 | 000,001,336 | ---- | M] () -- C:\Users\Bla\Desktop\Norton-Installationsdateien.lnk
[2013.04.28 10:48:31 | 000,000,680 | RHS- | M] () -- C:\Users\Bla\ntuser.pol
[2013.04.26 11:44:41 | 000,102,236 | ---- | M] () -- C:\Users\Bla\Desktop\Mainova Zählerstand ablesung - fail.PNG
[2013.04.24 07:14:07 | 000,001,269 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
[2013.04.18 19:08:14 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013.04.18 19:06:08 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013.04.18 16:13:00 | 000,001,391 | ---- | M] () -- C:\Users\Bla\Documents\ax_files.xml
[2013.04.18 12:09:20 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.04.18 12:09:20 | 000,037,344 | ---- | M] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.04.17 13:25:39 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\VT20130115.021
[2013.04.13 23:18:54 | 013,729,792 | ---- | M] () -- C:\Users\Bla\AppData\Roaming\Sandra.mdb
[2013.04.13 22:12:44 | 000,000,064 | ---- | M] () -- C:\Users\Bla\AppData\Roaming\Sandra.ldb
[2013.04.12 07:35:47 | 000,422,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.09 15:13:52 | 000,110,264 | ---- | M] (pdfforge GmbH) -- C:\Windows\SysNative\pdfcmon.dll
[2013.04.08 10:56:00 | 003,605,885 | ---- | M] () -- C:\Users\Bla\Desktop\26.07.2010 - 01.08.2010_history.tcx
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.06 22:31:11 | 000,000,216 | ---- | C] () -- C:\Users\Bla\defogger_reenable
[2013.05.05 20:06:56 | 000,022,914 | ---- | C] () -- C:\Users\Bla\Desktop\Bestellung Nummer 100005217 drucken _ www.elektrogeraete-neumann24.de.pdf
[2013.05.03 20:23:15 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.05.03 20:23:15 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.05.02 16:18:09 | 000,004,242 | ---- | C] () -- C:\Users\Bla\AppData\Local\recently-used.xbel
[2013.05.02 11:04:33 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.04.28 10:53:42 | 000,001,336 | ---- | C] () -- C:\Users\Bla\Desktop\Norton-Installationsdateien.lnk
[2013.04.26 11:44:41 | 000,102,236 | ---- | C] () -- C:\Users\Bla\Desktop\Mainova Zählerstand ablesung - fail.PNG
[2013.04.13 22:11:52 | 000,000,064 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\Sandra.ldb
[2013.04.08 10:55:56 | 003,605,885 | ---- | C] () -- C:\Users\Bla\Desktop\26.07.2010 - 01.08.2010_history.tcx
[2013.03.30 19:28:39 | 013,729,792 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\Sandra.mdb
[2013.02.02 21:22:47 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2012.11.28 15:17:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.11.28 15:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.11.28 15:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.11.28 15:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.11.28 15:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.11.27 09:50:43 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2012.11.05 16:52:15 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\acedrv06.dll
[2012.10.30 13:53:10 | 001,607,772 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.18 16:04:23 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.10.10 13:19:55 | 000,036,141 | ---- | C] () -- C:\Users\Bla\clipdat2.rdf
[2012.03.28 13:40:33 | 000,000,915 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\CoreAvc.ini
[2012.01.10 00:12:17 | 000,853,275 | ---- | C] () -- C:\Users\Bla\AppData\Local\census.cache
[2012.01.10 00:11:18 | 000,143,303 | ---- | C] () -- C:\Users\Bla\AppData\Local\ars.cache
[2012.01.09 23:59:33 | 000,000,036 | ---- | C] () -- C:\Users\Bla\AppData\Local\housecall.guid.cache
[2011.12.16 17:54:23 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.10.23 19:35:13 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2011.10.23 19:35:13 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2011.10.23 19:35:12 | 000,565,248 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2011.10.23 19:35:12 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2011.10.23 19:35:12 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2011.10.23 19:35:12 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2011.10.23 19:35:12 | 000,245,760 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2011.10.23 19:35:12 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2011.10.23 19:35:12 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2011.10.22 22:52:40 | 000,000,135 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\default.rss
[2011.10.18 11:39:09 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2011.10.18 11:39:09 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2011.10.18 11:39:09 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011.08.14 15:25:39 | 000,007,680 | ---- | C] () -- C:\Users\Bla\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.16 12:56:53 | 000,000,288 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\.backup.dm
[2011.06.22 10:42:55 | 000,099,384 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\inst.exe
[2011.06.22 10:42:55 | 000,007,859 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\pcouffin.cat
[2011.06.22 10:42:55 | 000,001,167 | ---- | C] () -- C:\Users\Bla\AppData\Roaming\pcouffin.inf
[2011.04.16 16:12:22 | 000,000,889 | ---- | C] () -- C:\Program Files (x86)\Uninstall ElsterFormular.lnk
[2011.03.02 20:27:37 | 000,000,680 | RHS- | C] () -- C:\Users\Bla\ntuser.pol
[2011.03.01 20:58:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.10 10:19:15 | 000,000,022 | -HS- | C] () -- C:\Users\Bla\AppData\Roaming\Sys6925.Config Collection.sys
[2009.11.29 00:32:03 | 002,639,074 | -H-- | C] () -- C:\Users\Bla\AppData\Local\IconCache (1).db
[2009.11.14 16:32:18 | 000,000,017 | ---- | C] () -- C:\Users\Bla\AppData\Local\resmon.resmoncfg
[2009.11.03 12:10:34 | 000,000,000 | ---- | C] () -- C:\Users\Bla\AppData\Local\WavXMapDrive.bat
[2009.11.01 14:32:49 | 000,108,824 | ---- | C] () -- C:\Users\Bla\AppData\Local\GDIPFONTCACHEV1 (1).DAT
[2009.08.13 09:25:06 | 000,000,004 | ---- | C] () -- C:\Users\Bla\tray.pid
[2009.08.11 20:45:20 | 000,000,120 | ---- | C] () -- C:\Users\Bla\.asadminpass
[2009.08.11 20:45:00 | 000,000,818 | ---- | C] () -- C:\Users\Bla\.asadmintruststore
[2009.07.14 13:59:30 | 000,001,024 | ---- | C] () -- C:\Users\Bla\.rnd
[2003.10.06 10:21:31 | 000,000,000 | -H-- | C] () -- C:\ProgramData\sdpsenv.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2010.06.10 13:15:09 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Amazon
[2011.01.04 21:19:53 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\AnvSoft
[2012.11.08 00:09:34 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\avidemux
[2011.04.30 22:56:19 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Broad Intelligence
[2012.10.08 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Cornelsen
[2012.12.03 13:04:18 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\DAEMON Tools Lite
[2013.05.06 22:38:41 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Dropbox
[2012.12.08 21:28:06 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\DVDVideoSoft
[2012.12.08 21:28:07 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.03 10:27:54 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\elsterformular
[2012.11.07 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\EXIF Date Changer
[2011.05.13 13:10:48 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Fit3DLive
[2011.01.04 21:12:22 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\FreeFLVConverter
[2011.01.11 10:27:40 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\FRITZ!
[2011.01.11 10:18:54 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2011.05.04 06:28:56 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\GARMIN
[2010.10.16 10:38:56 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\GetRightToGo
[2010.05.26 12:42:47 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\GPSoftware
[2012.09.27 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\gtk-2.0
[2012.12.08 21:20:38 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Haenlein-Software
[2012.10.18 21:10:53 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\HandBrake
[2011.07.13 14:59:20 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\HTC
[2011.05.04 15:30:24 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010.05.27 20:19:02 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\LG Electronics
[2011.06.21 06:15:40 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\MD5 Checksum Verifier
[2011.07.07 21:20:34 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\MP3 Quality Modifier
[2013.04.26 16:43:23 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Mp3tag
[2012.10.19 18:53:18 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\MusicBrainz
[2011.05.22 20:45:59 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\MyPhoneExplorer
[2011.05.04 15:34:44 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Outlook
[2013.05.05 20:07:10 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\PDF Architect
[2013.04.24 11:39:19 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\pdfforge
[2012.08.22 06:20:11 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Phase6
[2010.06.01 16:50:39 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\PowerCinema
[2012.06.08 14:57:28 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\ProtectDisc
[2010.09.15 11:03:18 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Rominator Data
[2013.04.16 10:18:35 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\RToolDS
[2013.05.03 21:33:01 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Samsung
[2010.06.02 07:18:39 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\SoftDMA
[2012.07.09 15:24:40 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\SpiritON TV Software
[2011.02.21 21:26:22 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\TeamViewer
[2011.06.06 11:08:34 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Tific
[2012.10.26 17:58:26 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Uniblue
[2012.03.13 00:04:42 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Vso
[2011.06.18 16:17:45 | 000,000,000 | ---D | M] -- C:\Users\Bla\AppData\Roaming\Xilisoft
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 160 bytes -> C:\ProgramData\sdpsenv.dat:naughtypirates
< End of report >
Extras.Txt Code:
OTL Extras logfile created on: 06.05.2013 22:39:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bla\Desktop\TrojanerBoard
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 50,77% Memory free
7,99 Gb Paging File | 5,85 Gb Available in Paging File | 73,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144,04 Gb Total Space | 34,82 Gb Free Space | 24,17% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 22,54 Gb Free Space | 16,39% Space Free | Partition Type: NTFS
Drive E: | 1,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: BlaS-NOTEBOOK | User Name: Bla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoschau] -- "H:\portableApps\Pixum Fotobuch\Fotoschau.exe" -d "%1"
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Pixum Fotobuch] -- "H:\portableApps\Pixum Fotobuch\Pixum Fotobuch.exe" "%1"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoschau] -- "H:\portableApps\Pixum Fotobuch\Fotoschau.exe" -d "%1"
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Pixum Fotobuch] -- "H:\portableApps\Pixum Fotobuch\Pixum Fotobuch.exe" "%1"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B7FB37E-8EF9-4AF3-8009-1ED580D2DB19}," = lport=3389 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}" = Intel® PROSet/Wireless WiFi-Software
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{32F9DBC7-95D1-469F-B7A3-678948D6DA32}" = Soluto
"{4AD57DCD-14DD-4440-BA20-AADDB9D2A6CB}" = MySQL Connector/ODBC 5.1
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{986A654F-F1E4-11DD-9FCA-005056C00008}" = Paragon Partition Manager™ 10.0 Personal
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}" = Oracle VM VirtualBox 4.2.6
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Business 2013.SP2
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
"{FA53034E-566C-477E-BA56-93AFA4DE6092}" = MySQL Connector/ODBC 3.51
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"ffdshow64_is1" = ffdshow x64 v1.2.4422 [2012-04-09]
"GIMP-2_is1" = GIMP 2.8.2
"MediaCoder x64" = MediaCoder x64 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"PerformanceTest 8_is1" = PerformanceTest v8.0
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 UVC HD WebCam" = USB 2.0 UVC HD WebCam
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
"{087945F4-8C75-4504-BC13-47713ADECA50}" = SnugTV Station
"{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}" = Google Earth
"{0DA5CAC0-6790-4C8E-B18A-036C68756688}" = Fritz und Fertig 2
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help
"{1C943495-B69F-4D41-AE0E-23C57ECD90EE}" = Debugging Tools for Windows
"{1E524A62-E9EF-4DCB-A2B2-09AF39DB51C2}_is1" = Druckverlust 7.2
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1" = EXIF Date Changer v3.00
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{328687A2-2504-49FA-AE3E-08B0DEDB51EC}" = MSRedist
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{367EDD83-302F-48E6-8F77-B0B056125C2D}" = Bob baut einen Park
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}" = SD Formatter
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1E1394-F813-420E-A4D0-63D6FE26ACBE}" = BlueStacks
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{53646626-11D9-33C6-8BB1-472536192DC4}" = Google Talk Plugin
"{56ABA277-EE53-4478-A607-FA42208FF5A9}" = Menu Templates - Pack 1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57250E78-F6E2-4DCE-9A84-50B28A70AB84}" = Menu Templates - Pack 3
"{583FEF6C-0F55-4B98-8055-7A8BE27D4477}" = Duden Rechtschreibtrainer
"{5842A2D8-618F-4A2A-BD2D-9715526CB272}_is1" = DS ROM Organizer 3.0.0.3
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}" = GPSoftware Directory Opus
"{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
"{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
"{5E9B69BA-1CE0-4619-953D-9B54082CDB01}" = Bob der Baumeister - Abenteuer auf der Ritterburg
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}" = System Requirements Lab for Intel
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{6AAD644F-548B-43FC-B983-38303E2D647C}" = Bouquetter
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7D542452-84EB-47C0-97BA-735C523AB555}" = Garmin Training Center
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{84ca181c-6e7b-4c6d-9220-1d9d82e778f7}" = Nero 9
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8F2D21F9-F428-4EF2-8111-953EF3299EFB}" = Bob der Baumeister
"{8F311E72-C27F-4DF0-8254-B739A1831668}_is1" = SUPER © v2012.build.53 (Sep 13, 2012) Version v2012.build.53
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1" = Panda Cloud Cleaner
"{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94895EA7-873E-4FCB-9C7B-DD3F7019D618}_is1" = Free Video Cutter 1.1
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{98A67610-A3B5-4098-A423-3708040026D3}" = "Nero SoundTrax Help
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB8E6CE-CE6D-43A0-B54E-422425524FF9}" = Menu Templates - Pack 2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A1430C24-93CF-4182-9252-B333A76F2CDD}" = Garmin Training Center
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CCD438F0-5D72-4945-9E72-6560C7E5E0D0}" = Captcha Brotherhood
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0990B88-0D93-4950-93B6-FA4E0954A42E}" = DVR-Studio HD 3
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D6174060-52D9-4886-8DBF-4EBF7C1CBCAA}" = MSRedx64
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.18
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F425DD1D-0097-41C3-B545-B79E3D51100E}" = Movie Templates - Pack 1
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alcohol 120%" = Alcohol 120% 2.0.1.2033 XCV Edition
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Any Video Converter_is1" = Any Video Converter 3.2.5
"AnyDVD" = AnyDVD
"AVerMedia E554/E534 (ExpressCard, DVB-T)" = AVerMedia E554/E534 (ExpressCard, DVB-T) 1.0.64.61
"Avidemux 2.6 (64-bit)" = Avidemux 2.6
"CANHacker_is1" = CANHacker V2.00.01
"CDex" = CDex - Open Source Digital Audio CD Extractor
"CloneDVD2" = CloneDVD2
"Company of Heroes" = Company of Heroes
"DATA BECKER Die große Einladungs-Druckerei" = DATA BECKER Die große Einladungs-Druckerei
"Die Olchis" = Die Olchis
"DivX Setup" = DivX-Setup
"DVDFab 9_is1" = DVDFab 9.0.1.6 (14/12/2012) Qt
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Eastern Front" = Eastern Front
"ElsterFormular" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Free FLV Converter_is1" = Free FLV Converter V 6.93.0
"Free Studio_is1" = Free Studio version 5.8.0.1201
"Free Video Dub_is1" = Free Video Dub version 2.0.15.1031
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.4.1228
"Free WebM Video Converter_is1" = Free WebM Video Converter version 5.0.19.1015
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"GUT 1" = GUT 1
"HaaliMkx" = Haali Media Splitter
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"jv16 PowerTools 2010" = jv16 PowerTools 2010
"LesenLernen" = LesenLernen
"LManager" = Launch Manager
"MD5 Checksum Verifier_is1" = MD5 Checksum Verifier 4.5
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.54
"MPE" = MyPhoneExplorer
"NIS" = Norton Internet Security
"NSM" = Norton Family
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5a
"phase-6" = phase-6 2.3.2b
"Picasa 3" = Picasa 3
"Pixum Fotobuch" = Pixum Fotobuch
"Playlist Creator 3.6.2" = Playlist Creator 3.6.2
"PlexUtil" = SmartPack 1.21.0
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"S2TNG" = Die Siedler II - Die nächste Generation
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"Teachmaster 4.3" = Teachmaster 4.3 (nur Entfernen)
"TeamViewer 7" = TeamViewer 7
"uniquemagicmp3taggerappid_is1" = Magic MP3 Tagger 2.2.6
"VLC media player" = VLC media player 2.0.5
"xampp" = XAMPP 1.7.7
"Xilisoft DPG Converter 6" = Xilisoft DPG Converter 6
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
"Skat XXL" = Skat XXL
"Skat-Online V9" = Skat-Online V9
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.05.2013 05:25:33 | Computer Name = Blas-Notebook | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\mediacoder\codecs64\lencod.exe".
Die
abhängige Assemblierung "Microsoft.VC90.OpenMP,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 04.05.2013 09:22:14 | Computer Name = Blas-Notebook | Source = BstHdAndroidSvc | ID = 0
Description = Der Dienst kann nicht gestartet werden. System.ApplicationException:
Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)
Error - 04.05.2013 12:08:44 | Computer Name = Blas-Notebook | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 20.0.1.4847 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fe4 Startzeit:
01ce48d6f3f60ce9 Endzeit: 718 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
e22b790c-b4d4-11e2-bd74-001e331d8665
Error - 05.05.2013 07:53:14 | Computer Name = Blas-Notebook | Source = BstHdAndroidSvc | ID = 0
Description = Der Dienst kann nicht gestartet werden. System.ApplicationException:
Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)
Error - 05.05.2013 10:16:30 | Computer Name = Blas-Notebook | Source = .NET Runtime | ID = 1026
Description =
Error - 05.05.2013 10:16:36 | Computer Name = Blas-Notebook | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Kies.exe, Version: 1.0.0.1328, Zeitstempel:
0x51761237 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
Zeitstempel: 0x50b83c8a Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000c41f ID des fehlerhaften
Prozesses: 0x1aa0 Startzeit der fehlerhaften Anwendung: 0x01ce499b1e88e0eb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Kies\Kies.exe Pfad des fehlerhaften
Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 649b0672-b58e-11e2-bf55-ee724ef24119
Error - 06.05.2013 06:17:14 | Computer Name = Blas-Notebook | Source = BstHdAndroidSvc | ID = 0
Description = Der Dienst kann nicht gestartet werden. System.ApplicationException:
Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)
Error - 06.05.2013 06:34:40 | Computer Name = Blas-Notebook | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\mediacoder\codecs64\lencod.exe".
Die
abhängige Assemblierung "Microsoft.VC90.OpenMP,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 06.05.2013 13:52:08 | Computer Name = Blas-Notebook | Source = BstHdAndroidSvc | ID = 0
Description = Der Dienst kann nicht gestartet werden. System.ApplicationException:
Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)
Error - 06.05.2013 16:36:18 | Computer Name = Blas-Notebook | Source = BstHdAndroidSvc | ID = 0
Description = Der Dienst kann nicht gestartet werden. System.ApplicationException:
Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)
[ AVer AutoUpdate Events ]
Error - 02.02.2013 13:36:21 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 02.02.2013 13:36:42 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 02.02.2013 14:36:21 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 02.02.2013 15:36:21 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 02.02.2013 16:36:47 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 03.02.2013 12:36:21 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 03.02.2013 13:36:21 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 03.02.2013 13:36:42 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
Error - 03.02.2013 14:36:21 | Computer Name = Blas-Notebook | Source = AVerUpdate Server | ID = 0
Description =
[ Media Center Events ]
Error - 29.06.2010 15:28:09 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 21:28:05 - Fehler beim Herstellen der Internetverbindung. 21:28:05
- Serververbindung konnte nicht hergestellt werden..
Error - 29.06.2010 16:28:17 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 22:28:17 - Fehler beim Herstellen der Internetverbindung. 22:28:17
- Serververbindung konnte nicht hergestellt werden..
Error - 29.06.2010 16:28:26 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 22:28:22 - Fehler beim Herstellen der Internetverbindung. 22:28:22
- Serververbindung konnte nicht hergestellt werden..
Error - 03.07.2010 14:11:05 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 20:11:05 - Fehler beim Herstellen der Internetverbindung. 20:11:05
- Serververbindung konnte nicht hergestellt werden..
Error - 03.07.2010 14:11:24 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 20:11:10 - Fehler beim Herstellen der Internetverbindung. 20:11:10
- Serververbindung konnte nicht hergestellt werden..
Error - 03.07.2010 14:13:28 | Computer Name = Blas-Notebook | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) AF9015 BDA
Filter
Error - 03.07.2010 15:11:32 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 21:11:32 - Fehler beim Herstellen der Internetverbindung. 21:11:32
- Serververbindung konnte nicht hergestellt werden..
Error - 03.07.2010 15:11:41 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 21:11:37 - Fehler beim Herstellen der Internetverbindung. 21:11:37
- Serververbindung konnte nicht hergestellt werden..
Error - 03.07.2010 16:11:49 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 22:11:49 - Fehler beim Herstellen der Internetverbindung. 22:11:49
- Serververbindung konnte nicht hergestellt werden..
Error - 03.07.2010 16:11:58 | Computer Name = Blas-Notebook | Source = MCUpdate | ID = 0
Description = 22:11:54 - Fehler beim Herstellen der Internetverbindung. 22:11:54
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 30.08.2011 12:45:37 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 59
seconds with 0 seconds of active time. This session ended with a crash.
Error - 03.10.2011 17:04:01 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 15867
seconds with 300 seconds of active time. This session ended with a crash.
Error - 06.11.2011 12:29:32 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 16311
seconds with 480 seconds of active time. This session ended with a crash.
Error - 21.11.2011 10:42:25 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 6833
seconds with 480 seconds of active time. This session ended with a crash.
Error - 16.01.2012 17:55:03 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 37686
seconds with 600 seconds of active time. This session ended with a crash.
Error - 01.02.2012 08:02:58 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 13834
seconds with 2580 seconds of active time. This session ended with a crash.
Error - 17.04.2012 02:00:25 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 127
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.05.2012 14:37:36 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1455
seconds with 900 seconds of active time. This session ended with a crash.
Error - 15.06.2012 08:10:33 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 40
seconds with 0 seconds of active time. This session ended with a crash.
Error - 06.12.2012 08:00:52 | Computer Name = Blas-Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 111
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 06.05.2013 13:52:08 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler
beendet: %%1064
Error - 06.05.2013 13:52:08 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06
Error - 06.05.2013 13:56:54 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet:
%%5
Error - 06.05.2013 14:02:32 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147024891
Error - 06.05.2013 14:02:32 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891
Error - 06.05.2013 14:25:26 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
Error - 06.05.2013 16:34:30 | Computer Name = Blas-Notebook | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
"\\?\Volume{3902b459-68a4-11df-86b4-806e6f6e6963}" können nicht gelesen werden.
Error - 06.05.2013 16:34:30 | Computer Name = Blas-Notebook | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
"\\?\Volume{b48c9b32-6d79-11df-b561-001e331d8665}" können nicht gelesen werden.
Error - 06.05.2013 16:36:18 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler
beendet: %%1064
Error - 06.05.2013 16:36:19 | Computer Name = Blas-Notebook | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06
< End of report >
Gmer lasse ich über Nacht arbeiten.
Der Log kommt morgen früh. ;-)
Gruß, und Danke ...
Suppi |
Cracks und Keygens