Shit, jetzt hat es meinen Rechner auch erwischt.... Kannst Du mir bitte nochmals helfen. Vielen dank im voraus! Code:
OTL Extras logfile created on: 11.08.2013 13:42:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daeni\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
15.98 Gb Total Physical Memory | 14.76 Gb Available Physical Memory | 92.39% Memory free
31.95 Gb Paging File | 30.76 Gb Available in Paging File | 96.27% Paging File free
Paging file location(s): g:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.79 Gb Total Space | 14.13 Gb Free Space | 12.64% Space Free | Partition Type: NTFS
Drive F: | 1009.97 Mb Total Space | 198.95 Mb Free Space | 19.70% Space Free | Partition Type: FAT
Drive G: | 1863.01 Gb Total Space | 1777.49 Gb Free Space | 95.41% Space Free | Partition Type: NTFS
Computer Name: BUP-DAENI-PC | User Name: Daeni | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0571A449-92B0-4C36-9CDF-74854202CA34}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B9E31A7-6DC8-4E8B-B126-5DDCC53358C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0DB52588-BF0F-4D43-8808-3D0B8BEB893F}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{177D1448-301A-4A00-BC9B-57FBD1C6815B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B3EE88D-5759-4562-8511-20349023E524}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{1FA3E9A1-B5FB-419C-8816-66F1C6CB22B7}" = lport=1927 | protocol=17 | dir=in | name=eytron vms cipc udp |
"{1FD648BA-221E-4815-82BA-6BFFED5B926A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2397F46F-45D3-419B-8C97-6D8F68E63679}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2DCFCCFD-6285-404E-A546-D088A1E67481}" = rport=137 | protocol=17 | dir=out | app=system |
"{2F6CE2F0-9262-49DF-A305-20953C5E8F94}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31E0DD9B-EA18-4320-9F94-102512D3A3AF}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DCC99FB-E1ED-4D7C-ABA5-0C6B019A60F7}" = lport=138 | protocol=17 | dir=in | app=system |
"{52D40484-DC6A-40F6-83CA-9C593F2E95EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{58C9199C-2B62-4DEA-9171-0F9994824CE6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{64E6CEF5-FF81-46E1-9621-5C2D1874FD53}" = rport=445 | protocol=6 | dir=out | app=system |
"{76C75D85-417D-43D0-A598-233281715F7C}" = rport=139 | protocol=6 | dir=out | app=system |
"{7F31B297-EFA5-452C-84D8-58A6BDA16039}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{8F2D1615-0B11-444E-9DF7-7BCF31D70485}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{96C73793-507A-4068-9A6F-182DB98CE833}" = lport=1927 | protocol=6 | dir=in | name=eytron vms cipc tcp |
"{AD2EA80D-07F1-4E40-AA6F-31BCD443CF58}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADAC3156-13CB-484F-881B-74D8F5A0C8C2}" = lport=139 | protocol=6 | dir=in | app=system |
"{B14F1DBE-04CD-4F3C-B6F2-508A8E74B99B}" = lport=445 | protocol=6 | dir=in | app=system |
"{B6FB6A95-060D-4E66-8A45-3A8832C970CB}" = lport=137 | protocol=17 | dir=in | app=system |
"{B91D02F0-EC92-4747-8EBB-E8B5A071EF25}" = lport=5454 | protocol=6 | dir=in | name=x-rite device services manager |
"{BAF313E3-C7A8-4477-836E-EA2FEAE1B828}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D693157B-E76A-4FE7-9446-1E8247B7CE68}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E328F538-C863-4C17-8CDB-4BDAAA1E4961}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E82C9D8E-8AE6-4321-B361-2056069B9F92}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F22E46A8-1D1B-4BE3-AB81-CE3A8458A83D}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BE6728A-F198-49CF-A3D2-58F5E96D2CC5}" = protocol=6 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |
"{0D56F409-3003-41F8-8412-D8F6744E3A4E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0E6CA03F-4589-4F99-9116-8DF8F8ED71EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0ECF352C-39C3-4D38-BBD9-DDC694997E2E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{1454D8D2-30E4-4B01-9D37-F3B6CB14DF28}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{1DC060DA-6DF0-4AE3-B2D5-15932AFB0174}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{1E609F3B-6E15-4169-A167-C0F2E174EF18}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{211CC569-AEBA-4C9B-8761-B91F916148BF}" = protocol=17 | dir=in | app=c:\users\daeni\appdata\roaming\spotify\spotify.exe |
"{22A87109-3006-4679-A1A7-AFE37A0942B8}" = dir=in | app=%programfiles% (x86)\sonos\sonos.exe |
"{2995A217-8289-4986-A341-8D7D001D93F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{31EEF344-D5E3-491C-B8F9-6949F0CACB3C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{36A3641F-F862-4A1A-8CC2-AA08E8639577}" = protocol=6 | dir=in | app=c:\users\daeni\appdata\roaming\spotify\spotify.exe |
"{378B84DD-CF14-483C-A85B-74EDA794BED6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{399EA48C-C143-40E7-859D-9408A7166D70}" = protocol=6 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |
"{4846BBDD-49F1-4C9A-A872-F81B6BCCC9E1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{4B84B4DC-A923-4387-B26D-5A563AB657B5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4DFCCB58-73F2-4EE6-87A6-15AC6FA19044}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E44667F-429C-4700-80CE-A207697831CC}" = dir=in | app=c:\program files (x86)\apple\airport\apagent.exe |
"{4EBB9CB1-B4ED-4A6C-9E98-30BB0E4F0141}" = dir=out | app=%programfiles% (x86)\sonos\sonos.exe |
"{50A3BFDC-F7D1-4039-83C2-47CEE78DBFC9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{52B6EAF1-EABA-428D-AD93-47E485779A01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{53AC5F7F-9E44-43FC-A7DB-60C2530F8529}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{55BFA97F-3E5C-45F6-9190-D7F138A53F5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{62CE0B7B-1B9B-47F3-BB3D-A152E76A7038}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{637D8A4C-7426-4435-8825-DF0F184C06B2}" = protocol=17 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |
"{6641D03D-0129-4B26-A977-81025FC3BA20}" = protocol=6 | dir=in | app=c:\program files (x86)\pantone color manager\pantonecolormanager.exe |
"{6D897ADA-DE8E-4E27-8AAD-F55D03ADCA03}" = protocol=17 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |
"{7179BCD0-B310-42C3-AA9C-6EE61D4483F5}" = protocol=17 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |
"{78C69D36-168F-4A8F-9583-A75DE81A53DB}" = protocol=6 | dir=in | app=c:\program files\abus security-center\vmsexpress\socketunit.exe |
"{81D7B7CC-0AAC-4733-9ED8-48D096D90C23}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8225AD62-2A65-482F-9077-4228D4F87273}" = protocol=6 | dir=in | app=c:\users\daeni\appdata\roaming\dropbox\bin\dropbox.exe |
"{83C8BF11-01B9-4B9E-8666-842111400439}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C9D14E1-4221-4ED9-A9B0-72FF5A22CADD}" = protocol=6 | dir=out | app=system |
"{92ED3EA2-F2A7-4B2D-BF69-6F89A1700534}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A3D1AD13-A29C-4FAA-BF39-8B569D91761A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5EBE584-1AA1-4421-905E-77261B98E94F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A68FF1F1-5144-49E9-986D-A8851A1D269B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ADA72675-20DE-4032-A9F7-38D0C7EA0555}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B27FE808-361B-44F9-B3F7-95F3B6850C3D}" = dir=in | app=c:\program files (x86)\abus security-center\ip-installer\ipinstaller.exe |
"{B2D37D06-69E2-4506-BCBE-FF01A792A2EF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{B632EB84-18A3-4837-9F9D-500CB111F581}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{B669BCF7-9479-4FF7-B475-B17245E500A4}" = protocol=17 | dir=in | app=c:\program files\abus security-center\vmsexpress\socketunit.exe |
"{B6728498-76BE-443F-99CB-2B43E5468D83}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B9EAD02E-BA15-471B-BE65-DF8C55F25FE2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BB1EDAA6-8FA0-4EA5-B82C-4A9E79FE2353}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{BF7905EC-6E26-4F17-AC28-9684068DD856}" = protocol=17 | dir=in | app=c:\users\daeni\appdata\roaming\dropbox\bin\dropbox.exe |
"{C1D251A1-7DAB-483C-AB49-EFC974A962FB}" = protocol=6 | dir=in | app=c:\program files\abus security-center\vmsexpress\x86\ipcameraunit.exe |
"{C236FB52-1642-42BB-A36D-F5734A5154E3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{C31BDF1E-154E-48DA-BF58-DC3C6828D540}" = dir=in | app=c:\users\daeni\appdata\local\temp\7zs16b5\ojprol7x00_full_14\setup\hpznui40.exe |
"{C6538A1F-3382-4CA9-AD20-D38EC92F7E99}" = protocol=17 | dir=in | app=c:\program files\etrovision technology\etrocenter\evstream.exe |
"{C7605A7F-7BA8-41E4-88BC-1CDAECBAAA8D}" = protocol=6 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |
"{C90B0EC3-B017-4199-9EE6-94BBF5A7DBD3}" = protocol=17 | dir=in | app=c:\program files\abus security-center\vmsexpress\x86\ipcameraunit.exe |
"{C98BFD51-45EE-4D4D-BDE1-8B1413D417D7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CCEA698A-F270-47E4-BBF9-1C22CDA58A09}" = protocol=6 | dir=in | app=c:\program files\etrovision technology\etrocenter\evstream.exe |
"{CE0D9978-10D8-4012-B99A-2DEB83CFC161}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{CF47D071-A29F-4AAA-940E-FB0AC5BA0A5A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF83AC61-2294-4450-9832-20929D24930B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D2C81166-E76B-4F02-AC3E-56B65C1370E6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D6ABF2E0-6118-4AFE-BE5B-6BF751B8A6BB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{D7BB84B1-9094-462A-911F-EF40D75A26E8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DB39C67D-CB9A-4568-A753-3E2BAB362A61}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{E2AC7BD6-9BE7-466C-8DB2-2D22DDC474A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E388D5CC-B649-4367-A09F-947087C9BCA2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E6582B67-EA75-4833-80C1-70091D3DBDB0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{E848A7E6-9843-43F7-9991-BA63FF3CBCB9}" = protocol=17 | dir=in | app=c:\program files (x86)\pantone color manager\pantonecolormanager.exe |
"{EB546EE9-4DC0-4225-B442-6B0575C99B0A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F502A225-D4C4-4DDB-9614-18D2E790F3C3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01078B88-2981-4F75-96B0-8B22E2D2DE03}" = Microsoft SQL Server 2008 R2 Setup (English)
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 SP1 Common Files
"{2437D856-23E2-A0EE-3D8C-041AA2065109}" = AMD Catalyst Install Manager
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}" = Adobe Premiere Elements 10
"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer
"{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 SP1 Common Files
"{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}" = SmartSound Premiere Elements 10 x64 Plugin
"{4528FB2C-65B7-4B6E-87CD-D82CAA3529D3}" = RHINO Connect Software
"{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}" = Microsoft SQL Server 2008 R2 Native Client
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{91415F19-4C22-3609-A105-92ED3522D83C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D6C64CC-EA60-47A6-9C97-82C38231EDAE}" = HP OfficeJet L7300/L7500/7600/7700
"{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 SP1 Database Engine Shared
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BC741628-0AFC-405C-8946-DD46D1005A0A}" = 64 Bit HP CIO Components Installer
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel(R) Network Connections 15.6.25.0
"{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 SP1 Database Engine Shared
"{D8C23BDE-4748-44D9-A9DD-8AB64EB18BE3}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EC3671D7-98AC-4951-8FFD-5556BE066137}" = AVM FRITZ!Box AddOn (IE) (x64)
"{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 SP1 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 SP1 Database Engine Services
"0B624A43DD66DBF5CF3EDFA9741A364E688062A4" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"1F64724E4D591A125651B4B68C84B9CCE9619004" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"654DAFF344F269198F492202E6759D45904E389B" = Windows Driver Package - RTI ZB-Pro Driver Package (02/17/2009 2.04.16)
"7883676FB1B8416356883298EA4A44991795F481" = Windows Driver Package - Remote Technologies Inc. (WinUSB) Control Device (04/07/2009 2.0.0.201)
"91F1270CF64801521557E983D82131355D4BA7B0" = Windows Driver Package - RTI ZB-Pro Driver Package (02/17/2009 2.04.16)
"9C77513A57291F0E6C36607E517383AF8317B9FF" = Windows Driver Package - Remote Technologies Inc. (WinUSB) Control Device (05/26/2012 2.0.0.202)
"BECDF025CBE7908A2B6A488537CE7A31D1D5E13B" = Windows Driver Package - RTI ZB-Pro Driver Package (04/10/2012 2.08.24)
"E33851197B121AEAEDB1FDD072C90C458CF2E26C" = Windows Driver Package - RTI ZB-Pro Driver Package (04/10/2012 2.08.24)
"ffdshow64_is1" = ffdshow x64 v1.1.4052 [2011-11-20]
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit)
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit)
"PremElem100" = Adobe Premiere Elements 10
"PROSetDX" = Intel(R) Network Connections 15.6.25.0
"SAMSUNG Map Download Manager" = SAMSUNG Map Download Manager 1.0.0.5
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{042A6F10-F770-4886-A502-B795DCF2D3B5}" = Nuance PDF Viewer Plus
"{048DDE77-66D5-4335-8497-903856759B58}" = BPDSoftware
"{04DB9640-A905-456C-96F5-F1EB80FEB5C9}" = ProductContext
"{05DC79C6-4213-45D3-BE8A-50B8B7C1F0E1}" = bpd_scan_Carrier
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1572ED2F-3D17-45E7-AADC-37C5FD0EF4B2}_is1" = EasySoft Faktura
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{21F59CE1-E0E1-49BD-ABC8-304675F33797}" = ABUS IP-Installer
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216038FF}" = Java(TM) 6 Update 38
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2C719B89-EA69-4157-BCB4-43728F573297}" = ES Status Monitor
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{38918B55-07CA-4B31-A9E2-E54D4D01E48D}" = KNX ENO Tool
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3D589663-D625-444D-8EA4-FF94AFDDBD7E}_is1" = EasySoft Fibu Advanced Mandant
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048
"{602276BD-9BC8-47E3-B07D-A2B2CF7FB2BD}" = Advanced IP Scanner
"{6146B9DC-C33D-11E2-BDE1-984BE15F174E}" = Evernote v. 4.6.6
"{662548BC-3506-4843-B7AA-F44D352F76A8}" = PC Auto Backup
"{6B85F2C6-AA9E-43EF-B824-AB5256E1A98C}" = 36CH PC NVR
"{6E65E954-8C25-797C-5382-B9B83F262105}" = Catalyst Control Center InstallProxy
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733A0FB7-56E9-42D5-A79C-DC08EC874B49}_is1" = ayControl Editor 1.0.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}" = Sonos Controller
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{889C1162-A0A3-4524-979A-14AFD5FE35A0}_is1" = EasySoft Fibu Advanced Mandant
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8BCFBB2E-764B-4EAB-91C9-573F0BDB49E6}" = Integration Designer
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator 3
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.VISIOR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.VISIOR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.VISIOR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0054-0407-0000-0000000FF1CE}_Office14.VISIOR_{1FEAC070-BB09-4055-9BD0-48CF52023F92}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.VISIOR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{9432F8D1-09C7-4C78-8F68-B163206698CD}" = Vasco da Gama 6 HD Ultimate
"{943F411D-E3C0-43C4-9A3D-B6CE92E93395}" = X-Rite Device Services Manager
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9543BDC2-B910-4ED8-AD92-B8B92040245D}" = KNX eteC Falcon Runtime v2.1
"{960CE333-260D-4887-9785-57E2EEFA287D}" = Nuance PaperPort 14
"{9615E45B-7670-4D17-9ED5-28B9E936EEDD}" = 7500_7600_7700_Help1
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}" = pdfforge Toolbar v6.0
"{99567851-B7F1-4692-A33A-0732E761220B}" = BodyMedia SYNC
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F06F464-479A-403E-AF92-70CBB8D674A1}" = PRE10STI64Installer
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F2E6BA-6756-4D8D-808E-671F4862EF2B}" = KNX ETS4
"{AA68AAAE-41F0-40B5-8896-5947F5FD6889}" = AirPort
"{AB21B9A7-6AF7-4E3F-BF1B-792A40B313CB}" = Integration Designer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{b17ff919-2d84-4f2a-94d1-4c5254d8924f}" = KNX eteC Falcon Runtime v2.0
"{B5A4C902-1636-48DB-8E38-F0DB102DDB59}" = MPM
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B9681EB8-76E5-4022-AE84-F6B7CE464554}" = KNX ETS4 Additional Runtime
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C4CC491B-5E85-4E96-8911-DF425893DF4A}" = L7500
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{E043568C-1745-4C69-9D52-43F6E79EB03B}" = Joulemeter
"{E3D5CBA4-1B99-4E8B-A46E-01B08E78D81C}" = CardScan for Outlook
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E84EF5FB-6EA2-4CA4-81CA-87B06550614E}" = AIMS 7.9 Configuration Set (ai79300)
"{E964EB8D-3234-486C-9B5E-92E7C833D182}" = AVM FRITZ!Box AddOn (IE)
"{EB44102C-759C-46B4-9B15-3C649A4A5D20}" = Documents Manager 3
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ED3D79A6-B3BB-4482-B226-0B620F97258A}" = BPDSoftware_Ini
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFADD989-D9F2-49F6-A280-675951CC78D3}" = FRITZ!Box-Fernzugang einrichten
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF9A5D82-900E-4D16-B549-B8F0BB8D1BD2}" = KETTLER WORLD TOURS Common
"2841-5017-1617-4151" = Snapform Viewer 1.7.31
"7381-2256-9934-9039" = EasyTax 2012 BL 1.01
"ABUS IPCam ActiveX" = ABUS IPCam ActiveX
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"Audiograbber" = Audiograbber 1.83 SE
"Autorennbahnplaner" = Autorennbahnplaner
"Avira AntiVir Desktop" = Avira Internet Security
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 5.0.1
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cockpit-XP_V2 Demoversion_is1" = Cockpit-XP V2 Demoversion Version 2.2.3
"Creative Movie Maker" = Creative Movie Maker 1.0.6.0
"EasyTax 2011 BL 1.01" = EasyTax 2011 BL 1.01
"Elements+_is1" = Elements+ for PSE 10 (demo)
"EPSON Scanner" = EPSON Scan
"Feller HS+FS Experte v2.10" = Feller HS+FS Experte v2.10
"FileZilla Client" = FileZilla Client 3.7.3
"Google Calendar Sync" = Google Calendar Sync
"Google Chrome" = Google Chrome
"GoPro CineForm Studio" = GoPro CineForm Studio 1.2.1
"GT2500 Benutzerhandbuch" = GT2500 Benutzerhandbuch
"HS_FS QuadClient 1.4" = QuadClient 1.4
"Installationsassistent2" = Installationsassistent2
"InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
"InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}" = PC Auto Backup
"InstallShield_{99567851-B7F1-4692-A33A-0732E761220B}" = BodyMedia SYNC
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"Intelli-studio" = SAMSUNG Intelli-studio
"KNX ETS4" = KNX ETS4
"LG EzSign TV Editor" = LG EzSign TV Editor
"LHTTSGED" = L&H TTS3000 Deutsch
"magnet" = Elektronischer Magnetplaner
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Professional 2010
"Office14.VISIOR" = Microsoft Visio Premium 2010
"Pantone Color Manager_is1" = Pantone Color Manager 1.0.3
"Semiolog2" = Semiolog
"Synology Assistant" = Synology Assistant (remove only)
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.7.0.1172
"JoinMe" = join.me
"Spotify" = Spotify
"Synology CloudStation" = Synology Cloud Station (remove only)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.08.2013 07:40:02 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 11.08.2013 07:40:02 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 11.08.2013 07:40:18 | Computer Name = BuP-Daeni-PC | Source = WinMgmt | ID = 10
Description =
Error - 11.08.2013 07:41:58 | Computer Name = BuP-Daeni-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "F:\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 11.08.2013 07:42:40 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 11.08.2013 07:42:40 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 11.08.2013 07:42:40 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 11.08.2013 07:43:29 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 11.08.2013 07:43:29 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 11.08.2013 07:43:29 | Computer Name = BuP-Daeni-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
[ Media Center Events ]
Error - 25.04.2012 02:56:40 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 08:56:40 - Fehler beim Herstellen der Internetverbindung. 08:56:40
- Serververbindung konnte nicht hergestellt werden..
Error - 25.04.2012 02:57:11 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 08:57:09 - Fehler beim Herstellen der Internetverbindung. 08:57:09
- Serververbindung konnte nicht hergestellt werden..
Error - 25.04.2012 04:00:20 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 10:00:20 - Fehler beim Herstellen der Internetverbindung. 10:00:20
- Serververbindung konnte nicht hergestellt werden..
Error - 25.04.2012 04:00:51 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 10:00:49 - Fehler beim Herstellen der Internetverbindung. 10:00:49
- Serververbindung konnte nicht hergestellt werden..
Error - 05.05.2012 21:51:10 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 03:51:09 - Fehler beim Herstellen der Internetverbindung. 03:51:09
- Serververbindung konnte nicht hergestellt werden..
Error - 05.05.2012 22:51:45 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 04:51:44 - Fehler beim Herstellen der Internetverbindung. 04:51:44
- Serververbindung konnte nicht hergestellt werden..
Error - 05.05.2012 23:57:08 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 05:57:07 - Fehler beim Herstellen der Internetverbindung. 05:57:07
- Serververbindung konnte nicht hergestellt werden..
Error - 06.05.2012 00:59:24 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 06:59:23 - Fehler beim Herstellen der Internetverbindung. 06:59:23
- Serververbindung konnte nicht hergestellt werden..
Error - 15.11.2012 09:21:15 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 14:21:15 - Fehler beim Herstellen der Internetverbindung. 14:21:15
- Serververbindung konnte nicht hergestellt werden..
Error - 15.11.2012 09:21:23 | Computer Name = BuP-Daeni-PC | Source = MCUpdate | ID = 0
Description = 14:21:20 - Fehler beim Herstellen der Internetverbindung. 14:21:20
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 11.08.2013 07:38:51 | Computer Name = BuP-Daeni-PC | Source = DCOM | ID = 10005
Description =
Error - 11.08.2013 07:38:51 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 11.08.2013 07:38:51 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 11.08.2013 07:38:51 | Computer Name = BuP-Daeni-PC | Source = DCOM | ID = 10005
Description =
Error - 11.08.2013 07:38:52 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 11.08.2013 07:38:52 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 11.08.2013 07:38:52 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 11.08.2013 07:38:52 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 11.08.2013 07:38:52 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 11.08.2013 07:38:52 | Computer Name = BuP-Daeni-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
Code:
OTL logfile created on: 11.08.2013 13:42:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daeni\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
15.98 Gb Total Physical Memory | 14.76 Gb Available Physical Memory | 92.39% Memory free
31.95 Gb Paging File | 30.76 Gb Available in Paging File | 96.27% Paging File free
Paging file location(s): g:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.79 Gb Total Space | 14.13 Gb Free Space | 12.64% Space Free | Partition Type: NTFS
Drive F: | 1009.97 Mb Total Space | 198.95 Mb Free Space | 19.70% Space Free | Partition Type: FAT
Drive G: | 1863.01 Gb Total Space | 1777.49 Gb Free Space | 95.41% Space Free | Partition Type: NTFS
Computer Name: BUP-DAENI-PC | User Name: Daeni | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.08.11 13:41:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daeni\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2013.03.15 13:52:10 | 004,466,120 | ---- | M] (SafeNet Inc.) [Auto | Stopped] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2012.09.14 00:18:32 | 000,239,616 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.08.12 16:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.04.10 16:03:00 | 000,020,480 | ---- | M] (Oki Data Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\OPHMLDCS.EXE -- (OKI OPHM DCS Loader)
SRV - [2013.07.16 13:41:06 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.24 11:25:42 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.06.24 11:25:35 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.06.24 11:25:32 | 000,654,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2013.06.24 11:25:32 | 000,371,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.06.24 11:25:32 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.01 19:20:13 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.26 14:07:40 | 001,498,000 | ---- | M] (Binary Fortress Software) [Auto | Stopped] -- C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe -- (DisplayFusionService)
SRV - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.11.22 17:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.11.22 17:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.06.28 11:10:34 | 000,381,312 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe -- (SynoDrService)
SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.01.18 12:58:40 | 007,262,263 | ---- | M] (Samsung) [Auto | Stopped] -- C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe -- (WiselinkPro)
SRV - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [Auto | Stopped] -- C:\Programme\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.09.01 03:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
SRV - [2011.08.13 14:50:20 | 000,138,600 | ---- | M] (Nuance Communications, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2011.04.30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.03.10 21:08:06 | 000,203,088 | ---- | M] (X-Rite Inc.) [Auto | Stopped] -- C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe -- (xrdd.exe)
SRV - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2010.10.27 17:18:52 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010.04.09 14:46:40 | 002,115,072 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Aastra\AIMS_79\bin\SemNTService.exe -- (AscotelSystemEventManagerSQL)
SRV - [2010.04.03 20:00:08 | 000,059,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2010.04.03 12:00:10 | 000,146,272 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.04.10 16:03:00 | 000,020,480 | ---- | M] (Oki Data Corporation) [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\OPHMLDCS.EXE -- (OKI OPHM DCS Loader)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.28 18:56:15 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.28 18:56:15 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.28 18:56:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.03.15 13:52:08 | 000,331,144 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2013.03.15 13:52:08 | 000,303,368 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2013.03.15 13:52:08 | 000,141,064 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2013.03.15 13:52:08 | 000,090,056 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2013.03.15 13:52:08 | 000,063,944 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2013.03.15 13:52:08 | 000,060,488 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2013.02.13 10:07:55 | 000,141,376 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2013.02.13 10:07:55 | 000,114,608 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2012.11.30 18:42:12 | 000,085,424 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2012.11.30 18:42:12 | 000,076,464 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2012.09.14 01:01:14 | 010,695,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.09.13 23:55:38 | 000,459,776 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.06.17 20:54:22 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0151.sys -- (RsFx0151)
DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.04.26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 08:20:34 | 000,056,160 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\busenum.sys -- (busenum)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.15 20:05:02 | 000,364,520 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010.11.15 20:05:00 | 000,121,832 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.10.27 16:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010.10.27 16:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010.10.27 16:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010.10.27 16:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010.10.27 16:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010.10.27 16:50:28 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010.10.27 16:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010.10.27 16:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.21 15:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010.09.01 23:26:30 | 000,032,936 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iqvw64e.sys -- (NAL)
DRV:64bit: - [2010.08.10 18:29:14 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.03.19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.03.09 12:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.05.08 15:21:42 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.bazonline.ch/hxxp://kn [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{32CB2E5D-06D0-4C9B-A24E-C8A4FC5E2FD2}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GGHP_deCH458
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=109958&tt=021012_ccp_4012_8&babsrc=HP_ss&mntrId=eaae336b000000000000002683331db5"
FF - prefs.js..extensions.enabledAddons: firefox%40unfriendfinder.com:41.998
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=109958&tt=021012_ccp_4012_8&babsrc=KW_ss&mntrId=eaae336b000000000000002683331db5&q="
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2011.12.28 11:30:00 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2011.12.28 11:30:00 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Daeni\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.19 01:54:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012.11.27 09:51:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.01 19:20:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.19 01:54:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.01 19:20:13 | 000,000,000 | ---D | M]
[2012.04.04 17:50:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\Extensions
[2012.04.04 17:50:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.08.02 14:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\Firefox\Profiles\uhbnt4re.default\extensions
[2013.05.29 11:54:26 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Daeni\AppData\Roaming\mozilla\Firefox\Profiles\uhbnt4re.default\extensions\firebug@software.joehewitt.com
[2013.01.26 01:19:21 | 000,000,000 | ---D | M] (Unfriend Finder) -- C:\Users\Daeni\AppData\Roaming\mozilla\Firefox\Profiles\uhbnt4re.default\extensions\firefox@unfriendfinder.com
[2013.05.29 11:54:26 | 002,168,615 | ---- | M] () (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\firefox\profiles\uhbnt4re.default\extensions\firebug@software.joehewitt.com.xpi
[2013.01.26 01:19:21 | 000,351,326 | ---- | M] () (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\firefox\profiles\uhbnt4re.default\extensions\firefox@unfriendfinder.com.xpi
[2013.06.22 19:54:16 | 000,069,465 | ---- | M] () (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\firefox\profiles\uhbnt4re.default\extensions\mediahint@jetpack.xpi
[2013.08.02 14:12:01 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\firefox\profiles\uhbnt4re.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.08.02 14:03:58 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\Daeni\AppData\Roaming\mozilla\firefox\profiles\uhbnt4re.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.05.04 12:36:55 | 000,002,363 | ---- | M] () -- C:\Users\Daeni\AppData\Roaming\mozilla\firefox\profiles\uhbnt4re.default\searchplugins\babylon.xml
[2012.10.03 07:40:05 | 000,002,547 | ---- | M] () -- C:\Users\Daeni\AppData\Roaming\mozilla\firefox\profiles\uhbnt4re.default\searchplugins\browsemngr.xml
[2013.06.01 19:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.01.07 11:07:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013.06.01 19:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.06.01 19:20:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.08.02 20:28:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013.08.02 20:28:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013.08.02 20:28:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013.08.02 20:28:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.03 07:39:52 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
========== Chrome ==========
CHR - homepage: true
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FRITZ!Box Addon BHO) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Snapform Viewer PlugIn for IE) - {00AF1458-D967-4C0E-B736-D6D010521EF5} - C:\Program Files (x86)\SnapFormViewer\Viewer\bin\lib\SFVPlugInIE_x86.dll (Ringler Informatik AG)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (SplitButtonBHO Class) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\apple\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software, Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFProHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PTNMWND] C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Daeni\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Daeni\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Daeni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CloudStation.lnk = C:\Users\Daeni\AppData\Local\CloudStation\bin\cloud.exe ()
O4 - Startup: C:\Users\Daeni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Daeni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Daeni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Auswahl speichern - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Bild ausschneiden - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Diese Seite ausschneiden - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Mit FRITZ!Box Anrufen - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Neue Notiz - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8:64bit: - Extra context menu item: URL notieren - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Auswahl speichern - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Bild ausschneiden - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Diese Seite ausschneiden - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Mit FRITZ!Box Anrufen - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Neue Notiz - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: URL notieren - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {543DAD91-B0F3-4564-B860-D22F935674EF} hxxp://10.41.3.3/script/activeX/EV/nvs4.cab (IPSFilter Source 4)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {960DC750-7447-4CDE-BF1C-FB33F9129654} hxxp://10.8.1.1:5000/webman/3rdparty/SurveillanceStation/object/SSObject3.cab?6.0-2383 (SSObject3 Control)
O16 - DPF: {B4CB8358-ABDB-47EE-BC2D-437B5DEBABCB} hxxp://10.255.255.33/AxViewer/AxMediaControl.cab (AxMediaControl Control)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {D2578010-6923-40F6-AA34-0688692CBE3A} hxxp://10.255.255.30/PlayerOCX.cab (PlayerOCX Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59CE319B-A982-4BA4-8157-62323321AA76}: NameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\aims.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\aimssmartupdate.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\alarmviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\quickstart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\sbase.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\scalc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\sdraw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\semconfig.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\semserver.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\simpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\smath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\soffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\swriter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\aims.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\aimssmartupdate.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\alarmviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\quickstart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\sbase.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\scalc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\sdraw.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\semconfig.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\semserver.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\simpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\smath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\soffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\swriter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.08.11 13:42:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Daeni\Desktop\OTL.exe
[2013.08.06 12:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.08.02 21:35:07 | 000,750,592 | ---- | C] (Bennet-Tec Information Systems, Inc.) -- C:\Windows\SysWow64\MDraw30.ocx
[2013.08.02 21:35:07 | 000,167,936 | ---- | C] (Tidestone Technologies, Inc.) -- C:\Windows\SysWow64\TTF16FR.DLL
[2013.08.02 21:35:07 | 000,163,840 | ---- | C] (Tidestone Technologies, Inc.) -- C:\Windows\SysWow64\TTF16DE.DLL
[2013.08.02 20:01:39 | 002,359,296 | ---- | C] (VectorDraw) -- C:\Windows\SysWow64\vdstd.ocx
[2013.08.02 20:01:38 | 005,120,000 | ---- | C] (VectorDraw) -- C:\Windows\SysWow64\vdxfiles.dll
[2013.08.02 20:01:38 | 002,060,288 | ---- | C] (VectorDraw) -- C:\Windows\SysWow64\Vdraw.ocx
[2013.08.02 20:01:38 | 001,142,784 | ---- | C] (Tidestone Technologies, Inc.) -- C:\Windows\SysWow64\TTF16.ocx
[2013.08.02 20:01:38 | 000,442,368 | ---- | C] (VectorDraw) -- C:\Windows\SysWow64\vdimg.dll
[2013.08.02 20:01:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71CHT.DLL
[2013.08.02 20:01:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71CHS.DLL
[2013.08.02 20:01:38 | 000,032,768 | ---- | C] (VectorDraw) -- C:\Windows\SysWow64\vdfext.dll
[2013.08.02 20:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\knx
[2013.08.02 20:00:42 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2013.07.31 17:30:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013.07.31 17:30:02 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2013.07.31 17:30:02 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2013.07.31 17:30:02 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2013.07.31 17:30:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2013.07.31 17:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2013.07.29 18:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013.07.17 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Daeni\Documents\Integration Designer
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.08.11 13:43:32 | 004,289,428 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.08.11 13:43:32 | 001,784,830 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.08.11 13:43:32 | 001,272,272 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.08.11 13:43:32 | 001,135,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.08.11 13:43:32 | 000,007,056 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.08.11 13:41:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daeni\Desktop\OTL.exe
[2013.08.11 13:38:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.11 13:38:31 | 4276,654,078 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.09 23:45:45 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.09 23:42:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.09 23:39:48 | 000,001,097 | ---- | M] () -- C:\Users\Daeni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wycciwvprhveblnrcok.lnk
[2013.08.09 23:39:46 | 000,000,167 | ---- | M] () -- C:\ProgramData\wycciwvprhveblnrcok.reg
[2013.08.09 23:39:46 | 000,000,071 | ---- | M] () -- C:\ProgramData\wycciwvprhveblnrcok.bat
[2013.08.09 23:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.08.09 22:30:00 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\Synology Data Replicator 3-BuP-Daeni-PC-Daeni.job
[2013.08.09 21:09:39 | 000,000,055 | -H-- | M] () -- C:\Users\Daeni\Documents\PP11Thumbs.ptn2
[2013.08.09 12:11:05 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.09 12:11:05 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.06 12:44:45 | 000,002,172 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.08.02 21:35:08 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\Semiolog.lnk
[2013.08.02 20:01:40 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Elektronischer Magnetplaner.lnk
[2013.08.02 12:43:26 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.31 18:00:17 | 000,000,000 | ---- | M] () -- C:\Users\Daeni\Documents\Nuance Image Printer Writer Port
[2013.07.31 17:30:03 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.07.16 13:41:06 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.07.16 13:41:06 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.08.09 23:39:48 | 000,001,097 | ---- | C] () -- C:\Users\Daeni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wycciwvprhveblnrcok.lnk
[2013.08.09 23:39:46 | 000,000,167 | ---- | C] () -- C:\ProgramData\wycciwvprhveblnrcok.reg
[2013.08.09 23:39:46 | 000,000,071 | ---- | C] () -- C:\ProgramData\wycciwvprhveblnrcok.bat
[2013.08.06 12:44:45 | 000,002,172 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.08.02 21:35:08 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\Semiolog.lnk
[2013.08.02 20:01:40 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Elektronischer Magnetplaner.lnk
[2013.07.31 17:30:03 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2013.07.29 18:53:39 | 000,002,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2013.06.28 14:50:13 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.09.14 00:12:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.14 00:12:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.08.09 17:23:43 | 000,000,047 | ---- | C] () -- C:\Users\Daeni\AppData\Roaming\Opusbext.dat
[2012.08.07 18:09:26 | 000,004,714 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.06.01 18:10:43 | 000,000,027 | ---- | C] () -- C:\Windows\CDE GT2500DEFGIPSR.ini
[2012.05.29 00:27:17 | 000,007,601 | ---- | C] () -- C:\Users\Daeni\AppData\Local\Resmon.ResmonCfg
[2012.01.18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.25 10:29:42 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2011.12.20 00:07:22 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2011.12.20 00:07:11 | 000,316,928 | ---- | C] () -- C:\Windows\SysWow64\hpcc3118.dll
[2011.12.19 02:09:17 | 000,003,111 | ---- | C] () -- C:\Windows\hpwmdl05.dat.temp
[2011.12.19 01:52:54 | 000,274,216 | ---- | C] () -- C:\Windows\hpwins05.dat
[2011.12.19 01:52:54 | 000,003,111 | ---- | C] () -- C:\Windows\hpwmdl05.dat
[2011.11.18 19:47:25 | 000,007,040 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.15 17:07:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.15 15:33:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.10.19 23:14:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.13 14:13:10 | 000,034,481 | ---- | C] () -- C:\Windows\MAXLINK.INI
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 230 bytes -> C:\ProgramData\TEMP:FD9CE1F3
< End of report >
Hast sich erledigt. Habe es mithilfe den in diesem Thread stehenden Tipps jetzt selber hingekriegt. :taenzer: |
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
aswMBR.exe und speichere die Datei auf deinem Desktop.
SecurityCheck und:
