Oh, entschuldige bitte. Die neuen Logs:OTL Logfile: Code:
OTL logfile created on: 5/19/2013 12:56:52 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files
Drive C: | 100.00 Mb Total Space | 74.34 Mb Free Space | 74.34% Space Free | Partition Type: NTFS
Drive D: | 3.72 Gb Total Space | 3.72 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive F: | 247.82 Gb Total Space | 207.28 Gb Free Space | 83.64% Space Free | Partition Type: NTFS
Drive G: | 683.59 Gb Total Space | 505.75 Gb Free Space | 73.98% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2013/05/09 03:25:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- F:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/05/09 03:25:19 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- F:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/05/09 03:25:12 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- F:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/18 11:27:10 | 000,018,432 | ---- | M] () [Auto] -- F:\Users\User\AppData\LocalLow\ColorZillaStats\IE\ColorZillaStatsUpdater.exe -- (ColorZillaStatsUpdater)
SRV - [2012/03/13 11:36:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- F:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/01/23 00:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto] -- F:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/07/01 00:06:10 | 002,533,400 | R--- | M] (Intel Corporation) [Auto] -- F:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/07/01 00:06:06 | 000,325,656 | R--- | M] (Intel Corporation) [Auto] -- F:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/05/04 06:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto] -- F:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/10/01 23:38:06 | 000,172,032 | ---- | M] (AMD) [Auto] -- F:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 15:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto] -- F:\Program Files\Edimax\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- F:\Windows\System32\sensrsvc.dll -- (SensrSvc)
========== Driver Services (SafeList) ==========
DRV - [2013/05/09 03:25:59 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- F:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/05/09 03:25:59 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- F:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/05/09 03:25:59 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- F:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/05/09 03:25:59 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- F:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011/05/07 14:53:54 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- F:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/10/02 00:10:34 | 005,166,592 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- F:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/09/30 10:33:56 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- F:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/09/17 00:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009/07/13 18:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand] -- F:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2008/07/24 02:17:00 | 000,437,760 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- F:\Windows\System32\drivers\arusb_lh.sys -- (arusb_lh)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_F\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - F:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\NetworkService_ON_F\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - F:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\User_ON_F\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\User_ON_F\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\User_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
IE - HKU\User_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\User_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\User_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 56 1A A4 AF 0C CC 01 [binary data]
IE - HKU\User_ON_F\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - F:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\User_ON_F\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - F:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\User_ON_F\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@delorme.com/SendToGPS: F:\Program Files\DeLorme\SendToGPS\nppnplugin.dll (DeLorme)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: F:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: F:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/03 10:27:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/12/19 03:26:51 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2011/05/03 10:27:03 | 000,000,000 | ---D | M] (Default) -- F:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/05/03 11:33:52 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/12/19 03:26:51 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/04/14 12:45:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,001,392 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/07/01 05:40:53 | 000,002,352 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,001,153 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 04:00:00 | 000,002,364 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\google.xml
[2010/01/01 04:00:00 | 000,006,805 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 04:00:00 | 000,001,105 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - F:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - F:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (ColorZillaStats) - {59F7FE53-2860-44B1-968A-E54E3E949A07} - F:\Users\User\AppData\LocalLow\ColorZillaStats\IE\ColorZillaStats.dll (Alex Sirota)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - F:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - F:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DeLorme Send To GPS) - {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} - F:\Program Files\DeLorme\SendToGPS\PNPluginForIE.dll (DeLorme)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - F:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - F:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - F:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - F:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\User_ON_F\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - F:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\User_ON_F\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - F:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKU\User_ON_F\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - F:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] F:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] F:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrMfcWnd] F:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Classic Start Menu] F:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4 - HKLM..\Run: [ControlCenter3] F:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [GrooveMonitor] F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMSS] F:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] F:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [MailCheck IE Broker] F:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [PaperPort PTD] F:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] F:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PPort11reminder] F:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl9] F:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] F:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSBkgdUpdate] F:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] F:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\LocalService_ON_F..\Run: [Sidebar] F:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_F..\Run: [Sidebar] F:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\User_ON_F..\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] F:\Users\User\Documents\27731c78.exe ()
O4 - HKU\User_ON_F..\Run: [swg] F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\User_ON_F..\Run: [TomTomHOME.exe] F:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\LocalService_ON_F..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_F..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\User_ON_F..\RunOnce: [FlashPlayerUpdate] F:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - F:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - F:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - F:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - F:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - F:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - F:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - F:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - F:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - F:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - F:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - F:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - F:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - F:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - F:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - F:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - F:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - F:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - F:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - F:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - F:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - F:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - F:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - F:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - F:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/05/18 22:04:47 | 000,000,000 | ---D | C] -- F:\_OTL
[2013/05/18 12:36:37 | 000,000,000 | -HSD | C] -- F:\RECYCLER
[2013/05/14 15:20:23 | 000,000,000 | R--D | C] -- F:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
[2013/05/09 15:51:29 | 000,066,656 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\avnetflt.sys
[2013/05/09 03:33:18 | 000,000,000 | ---D | C] -- F:\Users\User\AppData\Roaming\Avira
[2013/05/09 03:28:26 | 000,000,000 | ---D | C] -- F:\Users\User\AppData\Local\DoNotTrackPlus
[2013/05/09 03:27:55 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/05/09 03:27:28 | 000,000,000 | ---D | C] -- F:\Users\User\AppData\Local\AskToolbar
[2013/05/09 03:27:15 | 000,000,000 | ---D | C] -- F:\Program Files\Ask.com
[2013/05/09 03:26:54 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- F:\Windows\System32\drivers\avipbb.sys
[2013/05/09 03:26:54 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- F:\Windows\System32\drivers\avgntflt.sys
[2013/05/09 03:26:54 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- F:\Windows\System32\drivers\avkmgr.sys
[2013/05/09 03:26:54 | 000,028,520 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\ssmdrv.sys
[2013/05/09 03:26:54 | 000,000,000 | ---D | C] -- F:\ProgramData\Avira
[2013/05/09 03:26:54 | 000,000,000 | ---D | C] -- F:\Program Files\Avira
[2013/05/06 16:20:18 | 000,000,000 | ---D | C] -- F:\Users\User\AppData\Roaming\Powya
[2013/05/06 16:20:18 | 000,000,000 | ---D | C] -- F:\Users\User\AppData\Roaming\Ewnawu
[2013/05/06 16:20:18 | 000,000,000 | ---D | C] -- F:\Users\User\AppData\Roaming\Buyli
[2012/09/25 16:46:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- F:\ProgramData\lsass.exe
========== Files - Modified Within 30 Days ==========
[2013/05/18 17:29:56 | 000,067,584 | --S- | M] () -- F:\Windows\bootstat.dat
[2013/05/18 17:29:29 | 2610,257,920 | -HS- | M] () -- F:\hiberfil.sys
[2013/05/18 17:27:56 | 000,001,090 | ---- | M] () -- F:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/18 17:27:55 | 000,000,006 | -H-- | M] () -- F:\Windows\tasks\SA.DAT
[2013/05/18 16:11:10 | 000,001,094 | ---- | M] () -- F:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/17 06:02:40 | 000,015,152 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/17 06:02:40 | 000,015,152 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/14 15:47:04 | 000,163,072 | ---- | M] () -- F:\Users\User\AppData\Local\2433f433
[2013/05/14 15:47:04 | 000,163,034 | ---- | M] () -- F:\ProgramData\2433f433
[2013/05/14 15:47:04 | 000,163,014 | ---- | M] () -- F:\Users\User\AppData\Roaming\2433f433
[2013/05/14 15:47:03 | 000,025,088 | ---- | M] () -- F:\Users\User\Documents\27731c78.dll
[2013/05/14 15:47:00 | 000,025,088 | ---- | M] () -- F:\Users\User\Documents\27731c78.exe
[2013/05/13 04:50:50 | 004,922,053 | -H-- | M] () -- F:\Users\User\AppData\Local\IconCache.db
[2013/05/09 15:51:22 | 000,066,656 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\avnetflt.sys
[2013/05/09 03:27:55 | 000,000,000 | ---D | M] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/05/09 03:25:59 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Windows\System32\drivers\avipbb.sys
[2013/05/09 03:25:59 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Windows\System32\drivers\avgntflt.sys
[2013/05/09 03:25:59 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Windows\System32\drivers\avkmgr.sys
[2013/05/09 03:25:59 | 000,028,520 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\ssmdrv.sys
[2013/05/09 03:16:30 | 000,001,940 | ---- | M] () -- F:\Users\User\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
========== Files Created - No Company Name ==========
[2013/05/14 15:47:04 | 000,163,072 | ---- | C] () -- F:\Users\User\AppData\Local\2433f433
[2013/05/14 15:47:04 | 000,163,034 | ---- | C] () -- F:\ProgramData\2433f433
[2013/05/14 15:47:04 | 000,163,014 | ---- | C] () -- F:\Users\User\AppData\Roaming\2433f433
[2013/05/14 15:47:03 | 000,025,088 | ---- | C] () -- F:\Users\User\Documents\27731c78.dll
[2013/05/14 15:47:00 | 000,025,088 | ---- | C] () -- F:\Users\User\Documents\27731c78.exe
[2013/03/03 10:27:25 | 004,922,053 | -H-- | C] () -- F:\Users\User\AppData\Local\IconCache.db
[2013/03/02 17:44:26 | 095,023,320 | ---- | C] () -- F:\ProgramData\4888183.pad
[2013/02/13 17:49:31 | 095,023,320 | ---- | C] () -- F:\ProgramData\0104976.pad
[2012/10/21 16:05:04 | 000,001,940 | ---- | C] () -- F:\Users\User\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/09/25 16:46:57 | 083,023,306 | ---- | C] () -- F:\ProgramData\dsgsdgdsgdsgw.pad
[2012/08/15 14:48:06 | 000,000,040 | ---- | C] () -- F:\ProgramData\bguczuegatjbsta
[2012/07/29 13:53:00 | 000,000,040 | ---- | C] () -- F:\ProgramData\zxkreenprmuamay
[2012/05/20 13:43:00 | 000,000,000 | ---- | C] () -- F:\Windows\MSREGUSR.INI
[2011/10/04 14:28:27 | 000,013,931 | ---- | C] () -- F:\Windows\System32\RaCoInst.dat
[2011/08/09 14:40:29 | 000,000,000 | ---- | C] () -- F:\Users\User\AppData\Local\{68BF2CEC-56B5-46C0-BF41-F2DEE3E3FFC6}
[2011/05/07 11:03:07 | 000,000,050 | ---- | C] () -- F:\Windows\System32\bridf08b.dat
[2011/05/07 11:03:06 | 000,000,425 | ---- | C] () -- F:\Windows\BRWMARK.INI
[2011/05/07 11:00:27 | 000,031,864 | ---- | C] () -- F:\Windows\maxlink.ini
[2011/05/03 10:49:49 | 000,252,928 | ---- | C] () -- F:\Windows\System32\DShowRdpFilter.dll
[2011/05/03 10:49:19 | 000,053,600 | ---- | C] () -- F:\Windows\System32\dosx.exe
[2011/05/03 08:43:23 | 000,000,000 | ---- | C] () -- F:\Windows\ativpsrm.bin
[2011/05/03 08:31:51 | 000,109,744 | ---- | C] () -- F:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/05/03 08:11:51 | 000,080,416 | ---- | C] () -- F:\Windows\System32\RtNicProp32.dll
[2011/05/03 07:57:16 | 001,498,506 | ---- | C] () -- F:\Windows\System32\PerfStringBackup.INI
[2009/08/26 12:58:14 | 000,195,854 | ---- | C] () -- F:\Windows\System32\atiicdxx.dat
[2009/07/14 04:47:43 | 000,654,006 | ---- | C] () -- F:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- F:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,129,878 | ---- | C] () -- F:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- F:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- F:\Windows\bootstat.dat
[2009/07/14 00:52:31 | 000,043,318 | ---- | C] () -- F:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2009/07/14 00:52:31 | 000,029,779 | ---- | C] () -- F:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:52:31 | 000,026,489 | ---- | C] () -- F:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:52:31 | 000,026,040 | ---- | C] () -- F:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:33:53 | 000,413,456 | ---- | C] () -- F:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,615,888 | ---- | C] () -- F:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- F:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,268 | ---- | C] () -- F:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- F:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- F:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:57 | 000,001,405 | ---- | C] () -- F:\Windows\msdfmap.ini
[2009/07/13 22:04:23 | 000,000,512 | ---- | C] () -- F:\Windows\win.ini
[2009/07/13 22:04:23 | 000,000,219 | ---- | C] () -- F:\Windows\system.ini
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- F:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- F:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- F:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- F:\Windows\System32\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- F:\Windows\System32\ir32_32.dll
[2009/07/13 17:41:05 | 000,000,718 | ---- | C] () -- F:\Windows\System32\mscdexnt.exe
[2009/07/13 17:41:04 | 000,002,842 | ---- | C] () -- F:\Windows\System32\redir.exe
[2009/07/13 17:41:02 | 000,000,882 | ---- | C] () -- F:\Windows\System32\share.exe
[2009/07/13 17:41:02 | 000,000,882 | ---- | C] () -- F:\Windows\System32\fastopen.exe
[2009/07/13 17:41:01 | 000,019,694 | ---- | C] () -- F:\Windows\System32\GRAPHICS.COM
[2009/07/13 17:40:59 | 000,014,710 | ---- | C] () -- F:\Windows\System32\KB16.COM
[2009/07/13 17:40:57 | 000,007,052 | ---- | C] () -- F:\Windows\System32\nlsfunc.exe
[2009/07/13 17:40:57 | 000,001,131 | ---- | C] () -- F:\Windows\System32\LOADFIX.COM
[2009/07/13 17:40:56 | 000,039,274 | ---- | C] () -- F:\Windows\System32\mem.exe
[2009/07/13 17:40:54 | 000,011,753 | ---- | C] () -- F:\Windows\System32\setver.exe
[2009/07/13 17:40:52 | 000,020,634 | ---- | C] () -- F:\Windows\System32\debug.exe
[2009/07/13 17:40:51 | 000,008,424 | ---- | C] () -- F:\Windows\System32\exe2bin.exe
[2009/07/13 17:40:50 | 000,012,642 | ---- | C] () -- F:\Windows\System32\edlin.exe
[2009/07/13 17:40:49 | 000,012,498 | ---- | C] () -- F:\Windows\System32\append.exe
[2009/07/13 17:40:48 | 000,050,648 | ---- | C] () -- F:\Windows\System32\COMMAND.COM
[2009/07/13 17:40:44 | 000,027,097 | ---- | C] () -- F:\Windows\System32\country.sys
[2009/07/13 17:40:43 | 000,042,809 | ---- | C] () -- F:\Windows\System32\KEY01.SYS
[2009/07/13 17:40:43 | 000,042,537 | ---- | C] () -- F:\Windows\System32\KEYBOARD.SYS
[2009/07/13 17:40:41 | 000,009,029 | ---- | C] () -- F:\Windows\System32\ANSI.SYS
[2009/07/13 17:40:40 | 000,004,768 | ---- | C] () -- F:\Windows\System32\HIMEM.SYS
[2009/07/13 17:40:39 | 000,029,274 | ---- | C] () -- F:\Windows\System32\NTDOS412.SYS
[2009/07/13 17:40:35 | 000,029,370 | ---- | C] () -- F:\Windows\System32\NTDOS411.SYS
[2009/07/13 17:40:31 | 000,029,146 | ---- | C] () -- F:\Windows\System32\NTDOS404.SYS
[2009/07/13 17:40:27 | 000,029,146 | ---- | C] () -- F:\Windows\System32\NTDOS804.SYS
[2009/07/13 17:40:23 | 000,027,866 | ---- | C] () -- F:\Windows\System32\NTDOS.SYS
[2009/07/13 17:40:19 | 000,035,536 | ---- | C] () -- F:\Windows\System32\NTIO412.SYS
[2009/07/13 17:40:17 | 000,035,776 | ---- | C] () -- F:\Windows\System32\NTIO411.SYS
[2009/07/13 17:40:15 | 000,034,672 | ---- | C] () -- F:\Windows\System32\NTIO404.SYS
[2009/07/13 17:40:13 | 000,034,672 | ---- | C] () -- F:\Windows\System32\NTIO804.SYS
[2009/07/13 17:40:11 | 000,033,952 | ---- | C] () -- F:\Windows\System32\NTIO.SYS
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- F:\Windows\System32\msjetoledb40.dll
[2009/07/13 16:29:46 | 000,013,312 | ---- | C] () -- F:\Windows\System32\win87em.dll
[2009/06/10 17:42:32 | 000,069,886 | ---- | C] () -- F:\Windows\System32\edit.com
[2009/06/10 17:39:59 | 000,060,124 | ---- | C] () -- F:\Windows\System32\tcpmon.ini
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- F:\Windows\System32\mlang.dat
[2009/02/18 13:55:20 | 000,294,912 | ---- | C] () -- F:\Windows\System32\ATIODE.exe
[2009/02/03 16:52:02 | 000,045,056 | ---- | C] () -- F:\Windows\System32\ATIODCLI.exe
========== LOP Check ==========
[2012/12/01 10:18:01 | 000,000,000 | ---D | M] -- F:\ProgramData\1&1 Mail & Media GmbH
[2011/05/03 07:54:52 | 000,000,000 | -HSD | M] -- F:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Application Data
[2012/07/01 05:40:47 | 000,000,000 | ---D | M] -- F:\ProgramData\Babylon
[2011/05/07 14:56:26 | 000,000,000 | ---D | M] -- F:\ProgramData\DAEMON Tools Lite
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Desktop
[2012/10/04 16:00:14 | 000,000,000 | ---D | M] -- F:\ProgramData\DesktopIcons
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Documents
[2011/05/03 07:54:52 | 000,000,000 | -HSD | M] -- F:\ProgramData\Dokumente
[2011/10/04 14:28:26 | 000,000,000 | ---D | M] -- F:\ProgramData\Edimax Driver
[2012/08/13 13:10:39 | 000,000,000 | ---D | M] -- F:\ProgramData\elsterformular
[2011/05/03 07:54:52 | 000,000,000 | -HSD | M] -- F:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Favorites
[2011/10/04 14:29:57 | 000,000,000 | ---D | M] -- F:\ProgramData\Ralink
[2011/06/12 09:32:04 | 000,000,000 | ---D | M] -- F:\ProgramData\ScanSoft
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Start Menu
[2011/05/03 07:54:52 | 000,000,000 | -HSD | M] -- F:\ProgramData\Startmenü
[2011/05/03 09:36:06 | 000,000,000 | ---D | M] -- F:\ProgramData\Temp
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Templates
[2012/04/01 15:28:42 | 000,000,000 | ---D | M] -- F:\ProgramData\tmp
[2011/06/13 14:53:53 | 000,000,000 | ---D | M] -- F:\ProgramData\TomTom
[2011/05/07 08:00:53 | 000,000,000 | ---D | M] -- F:\ProgramData\TP-LINK
[2012/12/01 10:17:19 | 000,000,000 | ---D | M] -- F:\ProgramData\UUdb
[2011/05/03 07:54:52 | 000,000,000 | -HSD | M] -- F:\ProgramData\Vorlagen
[2013/03/25 03:17:40 | 000,032,640 | ---- | M] () -- F:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 5/19/2013 12:56:52 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files
Drive C: | 100.00 Mb Total Space | 74.34 Mb Free Space | 74.34% Space Free | Partition Type: NTFS
Drive D: | 3.72 Gb Total Space | 3.72 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive F: | 247.82 Gb Total Space | 207.28 Gb Free Space | 83.64% Space Free | Partition Type: NTFS
Drive G: | 683.59 Gb Total Space | 505.75 Gb Free Space | 73.98% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet001
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- F:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- F:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoschau] -- "C:\Program Files\Pixum\Pixum Fotobuch\Fotoschau.exe" -d "%1" ()
Directory [Pixum Fotobuch] -- "C:\Program Files\Pixum\Pixum Fotobuch\Pixum Fotobuch.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0B265E3D-17BD-3B47-D87A-FAC2B8E18124}" = ATI Problem Report Wizard
"{0F60FD8E-3E58-4F8E-BF2C-DFA4C9987AE2}_is1" = DeLorme Send To GPS 1.3
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Edimax Wireless LAN Card
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2E060268-4175-201F-EABD-B91FC552DCA4}" = CCC Help Japanese
"{306D0BDC-4E4D-D95A-F067-5C2FD0A41055}" = Catalyst Control Center Graphics Full New
"{32652FCF-AC67-688C-0FB8-3AD5839ACFB7}" = CCC Help Russian
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C67F5DC-F3BA-241E-D4EB-58D935822B74}" = CCC Help Hungarian
"{413B1AC7-E076-B765-C6BF-8780AE6124CB}" = ATI AVIVO Codecs
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{447A24EA-46BD-4F5B-AA2A-6A1B941BD2C3}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{569FA061-07B7-3992-358E-3A58582B2E6D}" = ccc-core-static
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FE7D13B-88D4-4870-B5D7-54D9E7D04661}" = CCC Help Portuguese
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{777afb2a-98e5-4f14-b455-378a925cae15}.sdb" = CVE-2012-4969
"{7FC3076B-750E-24BE-F7FF-26266F9256CF}" = CCC Help Italian
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{86206386-FAF7-A27A-66E9-7840DEA68848}" = CCC Help Danish
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8782EDB8-CEEA-4815-9DD6-7156A0174D67}" = Classic Shell
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8B217953-6EF2-E6F2-4742-C6CA98A9C294}" = CCC Help Dutch
"{8ED02445-D491-414C-A56D-2ED6BBB7239A}" = Garmin Communicator Plugin
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{93C987F5-6563-4D29-A7C0-7DC85471D7C3}" = Nero Multimedia Suite 10 Essentials
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95A4C317-5EF8-7E59-BC82-5DFCB18EE17A}" = CCC Help English
"{9783B07B-362F-9552-84AD-058DB078086F}" = CCC Help Greek
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2CABB42-0936-44CD-B3E0-8A62B5303E70}" = CCC Help German
"{A39E4995-2D56-ABE5-D90B-2B3A685F7CE2}" = CCC Help Czech
"{A513E1BC-2F10-9661-3105-2674F11841AA}" = ccc-utility
"{A71F05F5-547F-DD24-2E03-E757F8DF833A}" = CCC Help Chinese Standard
"{A72D8248-4E4D-63CF-BF39-E041AF380012}" = Catalyst Control Center Graphics Full Existing
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABB785A8-BCBB-D1C0-03B5-3F4E32083E07}" = CCC Help Korean
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AEAE3EDB-AF9F-0BE8-F7E1-C5D6D6D74DB9}" = CCC Help Spanish
"{B6CF045D-51E5-6E4B-7C62-FD402ACB38FB}" = Catalyst Control Center Graphics Previews Common
"{B8367F2A-34C0-BC18-922A-96B4FDA40FA0}" = CCC Help Thai
"{B86C045F-2922-ECBD-4066-173B77820992}" = CCC Help Polish
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C438DF2B-C5DF-4783-9CA5-9B89E501FA62}" = Works Update
"{CC843AAD-000E-9AC0-ED35-95BFFC4B7019}" = ATI Catalyst Install Manager
"{CEBA2DEC-E9CD-D82A-7280-988D8430C39D}" = CCC Help Norwegian
"{CF06C093-A1D1-5CAB-DF87-B890377970D0}" = Catalyst Control Center Localization All
"{D1C46FAA-3378-A0B1-18D2-F52618E5517E}" = CCC Help Finnish
"{D3405B2E-79A5-3EAF-3E8C-20E8CD64F2D1}" = Catalyst Control Center Core Implementation
"{D3EF1442-F45D-AF2E-EE90-F168F83BD5D7}" = CCC Help French
"{D6E5C6D5-E96F-C90E-0BF5-94F6E4ED3B6A}" = Catalyst Control Center Graphics Previews Vista
"{E74A1D67-FFFE-4A15-9287-50B3C0465454}" = TL-WN821N-Drahtlos-Tool
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F241631E-ACF3-DE56-901C-0BC16D2423CE}" = CCC Help Turkish
"{F25BE225-4A79-941A-A257-1BB37968F773}" = Catalyst Control Center HydraVision Full
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8A2DD2D-581D-372A-71CD-1339CFE86EC8}" = Catalyst Control Center Graphics Light
"{FB6DE932-24CA-D1C0-2FD8-1DFCE4A33CC5}" = HydraVision
"{FED3F92F-4D03-82BE-E3D2-D9BD7E942000}" = CCC Help Swedish
"{FFF22903-7FDC-0E9C-7667-1B673026112A}" = CCC Help Chinese Traditional
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar FF" = WEB.DE MailCheck für Mozilla Firefox
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ElsterFormular" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Pixum Fotobuch" = Pixum Fotobuch
"PrintMaster Gold 4.02" = PrintMaster Gold 4.02
"TomTom HOME" = TomTom HOME 2.8.3.2499
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\User_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"JNLP" = JNLP
< End of report >
--- --- --- |
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
aswMBR.exe und speichere die Datei auf deinem Desktop.
SecurityCheck und:
Textbox.