| lachshappen | 11.06.2013 08:04 |
alles klar, habe den scan mal durchlaufen lassen.
hier die logs:
Extras:
OTL Logfile: Code:
OTL Extras logfile created on: 11.06.2013 08:39:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\computer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 4,58 Gb Available Physical Memory | 57,95% Memory free
15,79 Gb Paging File | 12,43 Gb Available in Paging File | 78,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 261,41 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
Computer Name: computer-PC | User Name: computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\ProgramData\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D14B239-8D66-440E-A945-0D4001F7FABD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0F3DAEB8-E11F-42F1-AA84-C82BB34C068E}" = rport=138 | protocol=17 | dir=out | app=system |
"{15A62134-7E13-42CF-A15B-C6787D3C5FB2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A31475E-1A71-4429-A6DC-DA423D8F2AAF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2915D83B-08FC-4D58-A1CD-433DB70250DC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2F18575F-0600-4129-AB65-0785D17D3F08}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{31BE54B6-26C9-4AB3-B29E-A4D8B162934A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{39938D3F-253B-43A8-A9D1-C6EDF2CCFFFA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{409E29C9-D5C5-412D-9F46-AEEF33AB3DB4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4139D392-EBDA-496C-912F-2EEC32FD1086}" = lport=137 | protocol=17 | dir=in | app=system |
"{663CBDFE-F086-477D-B03C-556D376E64C9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{6D59457A-4475-4822-9089-B9A65898F460}" = lport=445 | protocol=6 | dir=in | app=system |
"{7641D34F-7E9B-4241-BACD-210A4EEEA2A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{777F8170-BAFF-4510-B115-175336AB4EB2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83BD48FD-1D6E-4B74-8B2D-6293F5698AC9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{84E11FF0-DB55-466C-BE88-98AA06CDDB8A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{931F57A8-ADC6-44BD-A48B-30F24CA83486}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98234EC8-7C63-4E0F-9D31-33A99C2982F0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9D253799-F763-465B-8A2A-14D2FFB9E6EA}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{A24105DB-281F-4502-8603-563CA12DC15F}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{A53B3B19-2136-4277-B474-1A8E26A5C795}" = rport=139 | protocol=6 | dir=out | app=system |
"{A6E89C3A-797D-4301-9A13-CCEC36634C22}" = rport=445 | protocol=6 | dir=out | app=system |
"{C8F047AA-2C04-4CA8-8515-3F2D11F00C26}" = rport=137 | protocol=17 | dir=out | app=system |
"{CDCCE2DE-77F5-43F0-A416-F80A71BEBDCF}" = lport=138 | protocol=17 | dir=in | app=system |
"{D94AA84A-5955-4AEA-A366-C0A2A515DAE2}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{E06EC1CC-9BB3-4866-B19E-60D54A0A20AE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{E79A9B39-40AB-4370-9A40-B2318CF94F39}" = lport=810 | protocol=17 | dir=in | name=firstclass client |
"{F53740FC-8FA6-4347-BB14-4B90212D947A}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6157F38-5A30-4565-986C-2551A7D567FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{159F80F0-841E-465A-9473-A9B7116AF903}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{223CC236-6292-43E1-875C-F74E1ED5A807}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{22427539-C60A-4C42-AE02-C32F1BBECAE6}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{24E13F28-E238-4AA1-87C1-38ED09456030}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{25D26E3A-4404-4FC5-BFAD-88155D282FD2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{26BBE5B1-DDA4-4DDA-ACB6-7BB147E36662}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{26CCB4D7-A1D4-495A-80D3-1643F5278E26}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2F91AC72-5293-4FEF-9F34-0158D48F97CB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{311AD2A8-348D-4F7F-8C45-8A211E6806C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{374A5A44-D74E-4F2C-8B89-3A0E50880144}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3BD9D0E4-834B-410C-B3D1-0D48B0787699}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3DDDA76E-959C-45FC-BECA-1D6CA14C166C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{446B1E25-1280-4E4F-A71A-9DD7A1D89A62}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4A94CBEE-1C45-4F71-AA4C-B561F3E5207A}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4C789BE5-6B77-4FC5-A2CE-F46A427474A5}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{4D69A39E-0E3E-4B8D-A096-DD16C8A6D579}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{571A3959-691F-4B91-9FD1-1E8A63CF8B06}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{57ECB1C4-3308-4F0A-B380-7505899C6D6D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{606D6053-05E6-4BEB-B15B-2E4D867EDA52}" = protocol=6 | dir=in | app=c:\users\computer\appdata\roaming\dropbox\bin\dropbox.exe |
"{610A9D28-2E8E-4559-AE87-6FFD7E440149}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{671AF3AC-3C3E-43E1-8218-76F30ED2C502}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6D76A7F6-E302-4072-8D96-FE2577345DD2}" = protocol=17 | dir=in | app=c:\users\computer\appdata\roaming\dropbox\bin\dropbox.exe |
"{71F95CD0-B43C-4140-9CC5-ED2D532422F1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7E2B2AF4-F228-4981-B251-E40D5D231A17}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8246FC97-9110-4EDE-963F-0F1BC54D2B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8C891216-20F4-4EE7-A32A-F3BFBE1C2106}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8DFAED6E-C6D7-4D1E-8A5B-69A06A39952B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8E09EBD1-CDD0-4B12-9032-F67316F95D1C}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{8F54302C-7376-4E19-8BC6-ED29CE67FF27}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9280A4D5-A86B-43C2-8AAA-5D8E7B300FE8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{938C0749-03A2-4C95-8353-A33FDC2301A9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{94B9044E-AE54-46EE-A511-078E06DFB79E}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{98AF2782-6082-4915-9997-DF7D099C5B18}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{AB940A14-2247-4ED8-8ECA-B25B92D78D03}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ABA8E356-C72B-4788-972E-E738589DA765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B3BFA51A-06D8-4D5D-89C8-0646826DC4D7}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{B6A6E7D8-5841-4C20-A5BE-760E3BB48655}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B74847EC-70CF-421F-BCDF-88AF1B6FDB07}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{BB22F136-9FFB-4EDE-B687-1F906F618C9A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C40D8EBA-E9D2-40B3-A373-6D25E07B1D91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA851A77-A531-4360-9E18-65C8A1174637}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D17432EB-08D0-4A5F-968D-B13A4AF4224C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D228C48A-4995-411B-805F-1063B5916DCB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D8F35086-91F9-45EA-AE61-C830C4A1BF48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E4FBCCB5-44B4-4E38-848D-153FBAEEF3DC}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{E6CD20E5-C78E-4641-99FB-C9A597CA04B8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{EABB5FEF-5949-4D37-9DD7-3C66C3D628B5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EBD4DD37-1159-485F-AB03-E25192643E39}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F8F2FFA4-B408-4B35-B608-FCF06861D509}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F9617B91-BCDC-4D0E-BB8B-740432A853CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FE423B8C-9E05-4EA1-9E0A-533D6AED2BA9}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{FE522792-92EA-4C69-9D21-34479A4FBE8A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.30
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = My Dell
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}" = Dell MusicStage
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D5010F-1F25-4C5F-9A3C-1BD4304A855D}" = FirstClass Client
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}" = Adobe InDesign CS
"{44257960-C5CC-45BA-8E83-524E4A0F3FD5}" = Cisco AnyConnect VPN Client
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{56A0DD94-47D9-4AC8-B5A1-8A8CA77C4B89}" = Dell Stage
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E2E123E-A0E7-40B4-B6B2-7F6B81312B77}" = Passware Kit Enterprise 9.0
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}" = EndNote X6
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF8FEA18-45B9-4DE0-8CA1-A98125423A93}" = Markstrat Team
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7420
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Anki" = Anki
"ASIO4ALL" = ASIO4ALL
"BitLord" = BitLord 2.0
"CDex" = CDex extraction audio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deckadance" = Deckadance
"Dell Webcam Central" = Dell Webcam Central
"FL Studio 10" = FL Studio 10
"foobar2000" = foobar2000 v1.1.8
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.24.430
"freeocr_is1" = FreeOCR v4.2
"IL Download Manager" = IL Download Manager
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenVPN" = OpenVPN 2.2.2
"Orbit_is1" = Orbit Downloader
"ProInst" = Intel PROSet Wireless
"Rainmeter" = Rainmeter
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"VeryDOC Screenshot Reader OCR v2.2_is1" = VeryDOC Screenshot Reader OCR v2.2
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"xp-AntiSpy" = xp-AntiSpy 3.97-11
"ZinioReader4" = Zinio Reader 4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"RapidMiner 5" = RapidMiner 5
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08.06.2013 05:16:13 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.06.2013 05:33:51 | Computer Name = computer-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 3272 (0xcc8) Thread address : 0x00000000774D164A Thread message : Build VSCORE.15.1.0.520
/ 5500.1093 Object being scanned = \Device\HarddiskVolume3\Program Files (x86)\Dell
DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\ProtectRP\Protect\AUTORUN.INF
by C:\Users\computer\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe 4(0)(0) 4(0)(0)
7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 08.06.2013 10:54:33 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.06.2013 15:13:21 | Computer Name = computer-PC | Source = MsiInstaller | ID = 11609
Description =
Error - 08.06.2013 15:13:20 | Computer Name = computer-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren
werden.
Error - 08.06.2013 15:13:20 | Computer Name = computer-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren
werden.
Error - 08.06.2013 17:22:55 | Computer Name = computer-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 21.0.0.4879,
Zeitstempel: 0x518ec367 Name des fehlerhaften Moduls: mozalloc.dll, Version: 21.0.0.4879,
Zeitstempel: 0x518eaa4a Ausnahmecode: 0x80000003 Fehleroffset: 0x00001988 ID des fehlerhaften
Prozesses: 0x2208 Startzeit der fehlerhaften Anwendung: 0x01ce64860ef9d542 Pfad der
fehlerhaften Anwendung: C:\ProgramData\Mozilla Firefox\plugin-container.exe Pfad
des fehlerhaften Moduls: C:\ProgramData\Mozilla Firefox\mozalloc.dll Berichtskennung:
94d11e4f-d081-11e2-b3ad-848f69af3fd2
Error - 09.06.2013 02:54:40 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.06.2013 12:37:03 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.06.2013 18:40:03 | Computer Name = computer-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.06.2013 20:25:02 | Computer Name = computer-PC | Source = Microsoft-Windows-Defrag | ID = 257
Description =
[ Cisco AnyConnect VPN Client Events ]
Error - 08.06.2013 11:34:53 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::noticeHandler File: .\MainThread.cpp Line: 5283
Invoked
Function: CMainThread::processNotice Return Code: -33161196 (0xFE060014) Description:
ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE
Error - 08.06.2013 11:34:53 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::internalCallbackHandler File: .\MainThread.cpp
Line:
5045 Invoked Function: CMainThread::noticeHandler Return Code: -33161196 (0xFE060014)
Description:
ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE
Error - 08.06.2013 11:34:53 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::callbackHandler File: .\MainThread.cpp Line:
4971 Invoked Function: internalCallbackHandler Return Code: -33161196 (0xFE060014)
Description:
ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE
Error - 09.06.2013 02:54:33 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
Error - 10.06.2013 12:36:50 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
Error - 10.06.2013 18:39:51 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CTlsTransport::OnTransportInitiateComplete File: .\IP\TlsTransport.cpp
Line:
344 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
-31522780 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CHttpSessionAsync::OnTransportInitiateComplete File: .\IP\HttpSessionAsync.cpp
Line:
1051 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
-31522780 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
254 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31522780
(0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 10.06.2013 18:40:19 | Computer Name = computer-PC | Source = vpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1175 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
(0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
[ System Events ]
Error - 08.06.2013 10:56:31 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 08.06.2013 10:57:01 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 09.06.2013 02:55:21 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 09.06.2013 02:55:51 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 09.06.2013 15:59:12 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 10.06.2013 12:37:26 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 10.06.2013 12:37:56 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 10.06.2013 12:42:31 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
Error - 10.06.2013 18:40:28 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 10.06.2013 18:40:58 | Computer Name = computer-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
< End of report >
--- --- ---
[\Code]
und OTL:OTL Logfile: Code:
OTL logfile created on: 11.06.2013 08:39:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\computer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 4,58 Gb Available Physical Memory | 57,95% Memory free
15,79 Gb Paging File | 12,43 Gb Available in Paging File | 78,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 261,41 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
Computer Name: computer-PC | User Name: computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\computer\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe ()
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
========== Modules (No Company Name) ==========
MOD - C:\ProgramData\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_ssl.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_hashlib.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pyexpat.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_ctypes.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\_socket.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\select.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\cairo._cairo.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gtk._gtk.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gio._gio.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gobject._gobject.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\glib._glib.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\atk.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pango.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\gtk.glade.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pangocairo.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\engines\libwimp.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libxml2-2.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\zlib1.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libpng14-14.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libpangocairo-1.0-0.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libcairo-2.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\freetype6.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libfontconfig-1.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libglade-2.0-0.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libffi-5.dll ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\crypto.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pyHook._cpyHook.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\twisted.python._initgroups.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\winxpgui.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32gui.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32api.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32process.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32event.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\win32com.shell.shell.pyd ()
MOD - c:\program files (x86)\bitlord 2\bitlord files\zope.interface-3.6.2-py2.6-win32.egg\zope\interface\_zope_interface_coptimizations.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libtorrent.pyd ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\libcef.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pythoncom26.dll ()
MOD - C:\Program Files (x86)\BitLord 2\Bitlord files\pywintypes26.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (PCDSRVC{D3412D80-CF3B4A27-06020200}_0) -- c:\Program Files\My Dell\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Accelern.sys (ST Microelectronics)
DRV:64bit: - (NvStUSB) -- C:\Windows\SysNative\drivers\nvstusb.sys ()
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (qicflt) -- C:\Windows\SysNative\drivers\qicflt.sys (Quanta Computer)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {09B09277-592F-4F43-A07D-97825D126EFD}
IE:64bit: - HKLM\..\SearchScopes\{09B09277-592F-4F43-A07D-97825D126EFD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {09B09277-592F-4F43-A07D-97825D126EFD}
IE - HKLM\..\SearchScopes\{09B09277-592F-4F43-A07D-97825D126EFD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {09B09277-592F-4F43-A07D-97825D126EFD}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: searchdictcc%40roughael:3.4
FF - prefs.js..extensions.enabledAddons: chineseperakun%40gmail.com:9.0.0
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.9
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.8
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7BE71B541F-5E72-5555-A47C-E47863195841%7D:1.0.33
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {ca8b7b3d-b6e6-438f-b935-601b3de48d66}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8118
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.03.08 20:29:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\ProgramData\Mozilla Firefox\components [2013.05.22 22:55:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\ProgramData\Mozilla Firefox\plugins [2013.05.17 07:24:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.10.23 19:26:29 | 000,000,000 | ---D | M]
[2011.10.19 11:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Extensions
[2013.06.01 11:15:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions
[2013.05.20 22:59:21 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013.05.27 22:51:15 | 000,000,000 | ---D | M] ("SimilarSites") -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
[2013.05.22 19:06:33 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\anttoolbar@ant.com
[2013.03.05 10:28:57 | 000,000,000 | ---D | M] (Perapera Chinese) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\chineseperakun@gmail.com
[2013.06.01 00:22:14 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\firefox@ghostery.com
[2013.05.25 15:22:47 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\17gbtzdc.default\extensions\ich@maltegoetz.de
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:07:53 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\8fprm7jq.default\extensions\moveplayer@movenetworks.com
[2011.10.19 12:06:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions
[2011.10.19 12:06:53 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:06:55 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:06:49 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\8fprm7jq.default\extensions\moveplayer@movenetworks.com
[2011.10.19 12:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions
[2011.10.19 12:06:59 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:01 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:06:57 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\rgjaxaqa.profiltest\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions
[2011.10.19 12:07:07 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\rgjaxaqa.profiltest\extensions\moveplayer@movenetworks.com
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2011.10.19 12:07:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\computer\AppData\Roaming\mozilla\Firefox\Profiles\trdez4g5.Standard-Benutzer\extensions\moveplayer@movenetworks.com
[2013.05.08 20:51:58 | 000,363,920 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\extensions\client@anonymox.net.xpi
[2013.02.05 23:35:44 | 000,037,531 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\extensions\searchdictcc@roughael.xpi
[2011.10.16 09:37:32 | 000,688,596 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\Profiles\trdez4g5.Standard-Benutzer\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2011.10.16 09:37:32 | 000,688,596 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\trdez4g5.Standard-Benutzer\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.06.01 00:49:47 | 000,001,294 | ---- | M] () -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\searchplugins\delta.xml
[2013.03.05 10:23:50 | 000,002,194 | ---- | M] () -- C:\Users\computer\AppData\Roaming\mozilla\firefox\profiles\17gbtzdc.default\searchplugins\dictcn-.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120628125926.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628125926.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: CC679CB8-DC4B-458B-B817-D447B3B6AC31 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{732B53D2-3BD4-4138-A307-29C79BF326C9}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF550B30-AFE2-42ED-946E-91776320BC3E}: DhcpNameServer = 131.188.0.10 131.188.0.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F51CF875-AAFC-4AE2-931B-4F6B47B37068}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.11 08:33:26 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{56045CB7-84B4-4102-87A2-D6E104B8101D}
[2013.06.11 00:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.10 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\www.rene-zeidler.de
[2013.06.10 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\www.rene-zeidler.de
[2013.06.10 19:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\www.rene-zeidler.de
[2013.06.10 18:38:49 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A350EC4D-2696-41E7-ADD1-9F9CB76C3739}
[2013.06.09 11:40:27 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{6CB90E29-D115-4EE9-A41C-41F6FB6C002E}
[2013.06.09 08:58:10 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{B0A3460A-2B45-4B98-B3F5-8523228F85D9}
[2013.06.08 16:58:35 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{30FA9937-99B7-462A-BBD0-36BCBF3E715D}
[2013.06.08 02:01:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{504AB5DD-6BFB-43B2-9F91-0C0EBEB82BC5}
[2013.06.07 08:44:11 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A4E5E653-940D-46E8-840C-F0A5C028F420}
[2013.06.06 12:07:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{9A378F42-0D58-4A34-952C-385186D2B08E}
[2013.06.05 21:09:14 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{0AB6B7CC-097E-48B4-B403-2042CC4EA4C0}
[2013.06.05 09:08:38 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{4559D3B8-F810-4EAE-9A9D-BDFFC940B833}
[2013.06.04 23:03:54 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{1329FACA-BF49-43BA-BAC4-94AACAADE709}
[2013.06.04 10:10:28 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{5D797357-AC60-4AC6-91BD-43F211D7DC8A}
[2013.06.03 19:40:07 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{ECD24CF3-4C6F-459F-83C9-E06D437F5EB1}
[2013.06.02 21:07:44 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{9A3B1493-997B-4F0F-8DFB-CB9148815F0A}
[2013.06.02 09:07:08 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{21A9A8EE-C978-4D2A-8B6C-87BA247381E5}
[2013.06.01 11:12:39 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{C7BFF9CD-5BE8-4317-810D-9B524515953A}
[2013.06.01 00:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.06.01 00:49:22 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\Babylon
[2013.06.01 00:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\OpenCandy
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\DVDVideoSoft
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.06.01 00:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.05.31 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{B7CE5765-A895-4300-8458-BD74A50EC8A7}
[2013.05.31 10:24:11 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{64A96FA1-1B03-472A-9925-6049E8B23D14}
[2013.05.30 21:33:02 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{358E25E0-C3B9-4EFF-B6B1-DA75A7CCC90E}
[2013.05.30 09:32:34 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{BF073587-0FC6-482D-B4FB-85E7EE2AE9B4}
[2013.05.29 19:53:50 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{B98F19D9-E362-4B2D-AB42-515C30E88034}
[2013.05.28 20:24:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{393A88E4-71A5-4036-9451-BB3B76F8F91F}
[2013.05.28 08:23:54 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{90A83983-3F87-4F5C-9531-385EC8F6C4BB}
[2013.05.27 18:26:40 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{4662F5BF-0BAB-4035-B676-26FCC0D24FA5}
[2013.05.26 22:34:29 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{3DE0B93A-8BE2-4583-8D9B-03D9F08B4DE1}
[2013.05.26 10:13:14 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{0DF4C8E9-8C6D-4FF3-93A8-0640DC7A58EF}
[2013.05.25 21:19:13 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{6AD57218-0CBE-4C06-8F07-5C9EE4D4977C}
[2013.05.25 09:18:44 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{6A17E2A5-67D8-417E-8CAC-0C1B17E040A7}
[2013.05.24 09:05:44 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A0C41C97-2B6A-4041-B572-E410A7B1866D}
[2013.05.23 23:46:40 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{60BE6870-6999-4415-A3F6-38E4BA638A9C}
[2013.05.23 10:27:58 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{56535AFF-1F79-4BC4-9C5C-55EE6B0B6B1F}
[2013.05.23 09:18:21 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{E9B84A01-45C9-4BA4-990C-719311C3B1B0}
[2013.05.22 19:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2013.05.22 19:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2013.05.22 19:06:48 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{573D5491-A2D1-4513-BE5E-1A9CC58FDBD7}
[2013.05.21 22:18:45 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{5663EA0C-7EF4-49F5-A19C-A4F6C9CBA7E9}
[2013.05.21 10:18:18 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{A2911C14-8C3B-489A-8494-85E8294CA011}
[2013.05.20 14:56:58 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{95E69396-7275-4F1C-B0DA-33D887A33E1F}
[2013.05.20 02:17:06 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{2BF40231-38BC-4AA5-AFB0-4480E0BB6B16}
[2013.05.19 11:53:23 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{23F65F35-97E3-433B-8A2C-2006EEAFE4C8}
[2013.05.18 23:23:32 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{519255C4-EBD9-41AD-A366-5F04851EA8CD}
[2013.05.18 10:19:23 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{671EDE16-7DBF-4C0B-A6CF-AFB7AECCC1B5}
[2013.05.17 19:50:46 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{4F22DEFD-47C5-4717-832D-8621EC82194B}
[2013.05.17 01:32:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{F15EFB9A-65DE-4F93-8C79-5A91BCDCDE47}
[2013.05.16 10:13:00 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{9CE2653C-858B-48F4-BE2A-A1C302BC412F}
[2013.05.15 20:15:19 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{F2C66B82-FE8B-41BC-8A02-4318E9172FA7}
[2013.05.15 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{DF962501-0EBE-45DF-8B79-DA5CF7EA4AB4}
[2013.05.14 10:00:42 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{7B683760-5C9A-4250-A60B-EAD7B131691B}
[2013.05.13 19:37:48 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{7B636F4F-8720-4923-92B0-07FD5227D130}
[2013.05.12 22:03:21 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{AB01F1E8-3A12-439E-B127-515ACAF083BE}
[2013.05.12 10:02:41 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\{83D4028C-3BE3-489F-9B83-A9EE9A5188F9}
[2 C:\Users\computer\Desktop\*.tmp files -> C:\Users\computer\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.06.11 08:30:14 | 000,007,603 | ---- | M] () -- C:\Users\computer\AppData\Local\Resmon.ResmonCfg
[2013.06.11 08:26:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.11 07:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.11 00:47:18 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 00:47:18 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 00:40:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.11 00:39:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.11 00:39:37 | 2064,252,927 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.10 19:15:59 | 000,109,847 | ---- | M] () -- C:\Users\computer\Desktop\Untitled-2.jpg
[2013.06.09 09:08:24 | 000,077,958 | ---- | M] () -- C:\Users\computer\Desktop\Untitled-1.jpg
[2013.06.08 23:26:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.08 23:26:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.06 09:39:03 | 000,812,232 | ---- | M] () -- C:\Users\computer\Desktop\MASA.pdf
[2013.06.01 00:49:23 | 000,002,304 | ---- | M] () -- C:\Users\computer\Desktop\Free Video to MP3 Converter.lnk
[2013.05.28 14:29:41 | 000,006,122 | ---- | M] () -- C:\Users\computer\Documents\cc_20130528_142937.reg
[2013.05.27 18:58:09 | 001,621,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.27 18:58:09 | 000,700,418 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.27 18:58:09 | 000,655,090 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.27 18:58:09 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.27 18:58:09 | 000,121,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.18 18:54:34 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.17 07:24:03 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2 C:\Users\computer\Desktop\*.tmp files -> C:\Users\computer\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.06.10 19:15:53 | 000,109,847 | ---- | C] () -- C:\Users\computer\Desktop\Untitled-2.jpg
[2013.06.09 09:08:22 | 000,077,958 | ---- | C] () -- C:\Users\computer\Desktop\Untitled-1.jpg
[2013.06.01 00:49:23 | 000,002,304 | ---- | C] () -- C:\Users\computer\Desktop\Free Video to MP3 Converter.lnk
[2013.05.28 14:29:39 | 000,006,122 | ---- | C] () -- C:\Users\computer\Documents\cc_20130528_142937.reg
[2013.04.05 20:53:10 | 000,000,218 | ---- | C] () -- C:\Users\computer\.recently-used.xbel
[2012.10.26 06:32:18 | 000,000,000 | ---- | C] () -- C:\Users\computer\AppData\Roaming\sc_switch.cfg
[2012.08.04 14:48:08 | 000,165,404 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.08.01 20:29:44 | 000,000,132 | ---- | C] () -- C:\Users\computer\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.05.12 01:32:48 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2012.01.10 19:21:59 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.01.10 19:21:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7420.DAT
[2012.01.10 19:10:29 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011.12.18 16:38:28 | 059,525,617 | ---- | C] () -- C:\Users\computer\wangzong.wmv
[2011.10.21 08:40:07 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.10.20 19:26:45 | 000,007,603 | ---- | C] () -- C:\Users\computer\AppData\Local\Resmon.ResmonCfg
[2011.10.12 17:46:08 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.10.12 17:45:23 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.12 17:45:21 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.12 17:45:20 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Files - Unicode (All) ==========
[2013.06.09 21:04:53 | 000,001,182 | ---- | M] ()(C:\Windows\SysNative\?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????-?????????????????????????????????????????????????????????3zales - You .mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳慧湩呜敨吠浥数牔灡ⴠ匠敷瑥䐠獩潰楳楴湯⠠䅒⁃楍⥸椠䅒⁃*䡃偁䕔⁒乏⁅唨⁓敖獲潩⥮洮㍰猀ȴ牰ȴ熠ȴ烐ȴ瀀ȴ漰ȴ湠ȴ毰ȴ涐ȴ泀ȴ醈ȳ鉘ȳ邸ȳ迨ȳ蹈ȳ輘ȳ赸ȳ貨ȳ诘ȳ謈ȳ訸ȳ襨ȳ袘ȳ蟈ȳ蛸ȳ蘨ȳ蕘ȳ蒈ȳ莸ȳ犎楏ŀ耀Ǝ╥〲敔灭牥㈥吰慲╰〲┭〲睓敥╴〲楄灳獯瑩潩╮〲㈥券䍁㈥䴰硩㈥┹〲湩㈥到䍁㈥ⴰ㈥䌰䅈呐剅㈥估䕎㈥┰㠲单㈥嘰牥楳湯㈥⸹灭3zales - You .mp3.lnk
[2013.06.09 21:04:53 | 000,001,182 | ---- | C] ()(C:\Windows\SysNative\?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????-?????????????????????????????????????????????????????????3zales - You .mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳慧湩呜敨吠浥数牔灡ⴠ匠敷瑥䐠獩潰楳楴湯⠠䅒⁃楍⥸椠䅒⁃*䡃偁䕔⁒乏⁅唨⁓敖獲潩⥮洮㍰猀ȴ牰ȴ熠ȴ烐ȴ瀀ȴ漰ȴ湠ȴ毰ȴ涐ȴ泀ȴ醈ȳ鉘ȳ邸ȳ迨ȳ蹈ȳ輘ȳ赸ȳ貨ȳ诘ȳ謈ȳ訸ȳ襨ȳ袘ȳ蟈ȳ蛸ȳ蘨ȳ蕘ȳ蒈ȳ莸ȳ犎楏ŀ耀Ǝ╥〲敔灭牥㈥吰慲╰〲┭〲睓敥╴〲楄灳獯瑩潩╮〲㈥券䍁㈥䴰硩㈥┹〲湩㈥到䍁㈥ⴰ㈥䌰䅈呐剅㈥估䕎㈥┰㠲单㈥嘰牥楳湯㈥⸹灭3zales - You .mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | M] ()(C:\Windows\SysNative\???????????????????????????3??????????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰吠敨䘠物睥牯灭3罰ȹ脐ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | M] ()(C:\Windows\SysNative\??????????????????????????????3???????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰ⴠ传瑵漠桴潗摯灭3ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | C] ()(C:\Windows\SysNative\???????????????????????????3??????????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰吠敨䘠物睥牯灭3罰ȹ脐ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 22:22:52 | 000,001,946 | ---- | C] ()(C:\Windows\SysNative\??????????????????????????????3???????????????????????????u?t?????????????????????????????????????????????????????????????Té??p?N?????????????????????????????????????????????????????????????????w?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳㜰ⴠ传瑵漠桴潗摯灭3ȹ聀ȹ纠ȹ緐ȹ紀ȹ簰ȹ筠ȹ皀ȹ窐ȹ秀ȹ磰ȹ砠ȹ睐ȹᰪu耀ŧӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲTéᰪp耀ŅӲӲӲӲӲӲ�Ӳ磐ʦ礸ʦ稈ʦ禠ʦ硨ʦӲ�Ӳ�ӲӲ�ӲӲӲӲ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�Ӳ�ӲӲ�ӲӲӲᰪw耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | M] ()(C:\Windows\SysNative\????????????????????4??????????4??????3????????????????3??-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳桇獯⁴敂捡*敔牡唠灁牡⁴*潙呵扵灭3湉瑳畲敭瑮污删浥硩
*潙呵扵灭3郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵灭3屳湁⁴楖敤獯䙜汵牃瑡⁸慍*潎潢祤䔠獬䌨畬摅瑩
*潙呵扵灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | M] ()(C:\Windows\SysNative\????????????????????????????????????4?????????????????????-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳楈牯䌠牨湯歩ⴠ匠楴汬䘠杯祧⠠潃浳湯畡⁴片捥歨敖獲潩⥮ⴠ夠畯畔敢洮㍰砀ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵灭3屳湁⁴楖敤獯䙜汵牃瑡⁸慍*潎潢祤䔠獬䌨畬摅瑩
*潙呵扵灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | M] ()(C:\Windows\SysNative\??????????????????????????????????????????????????????????-???????????????????????????????????????????????????????????????????Y?t?????????????????????????????4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳畆汬䌠慲整砠䴠牡ⴠ丠扯摯⁹汅敳⠠汃扵䔠楤⥴ⴠ夠畯畔敢洮㍰稀ɉ秀ɉ磰ɉ砠ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ楤杮愠渠睥䴠䱒琠敲散瑮漠敮㩳䌠尺獕牥屳楡敳屮潄湷潬摡屳湁⁴楖敤獯䙜汵牃瑡⁸慍*潎潢祤䔠獬䌨畬摅瑩
*潙呵扵灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | C] ()(C:\Windows\SysNative\????????????????????4??????????4??????3????????????????3??-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳桇獯⁴敂捡*敔牡唠灁牡⁴*潙呵扵灭3湉瑳畲敭瑮污删浥硩
*潙呵扵灭3郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵灭3屳湁⁴楖敤獯䙜汵牃瑡⁸慍*潎潢祤䔠獬䌨畬摅瑩
*潙呵扵灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | C] ()(C:\Windows\SysNative\????????????????????????????????????4?????????????????????-???????????????????????????????????????????????????????????????????Y?t?????-????????????????????3??4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳楈牯䌠牨湯歩ⴠ匠楴汬䘠杯祧⠠潃浳湯畡⁴片捥歨敖獲潩⥮ⴠ夠畯畔敢洮㍰砀ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ獯╴〲敂捡╨〲┭〲敔牡㈥唰╳〲灁牡╴〲┭〲潙呵扵灭3屳湁⁴楖敤獯䙜汵牃瑡⁸慍*潎潢祤䔠獬䌨畬摅瑩
*潙呵扵灭3(邵綰Y耀.mp3.lnk
[2013.06.08 21:06:07 | 000,001,798 | ---- | C] ()(C:\Windows\SysNative\??????????????????????????????????????????????????????????-???????????????????????????????????????????????????????????????????Y?t?????????????????????????????4?????????8?????????????????????3(??Y?.mp3.lnk) -- C:\Windows\SysNative\㩃啜敳獲慜獩湥䑜睯汮慯獤䅜瑮嘠摩潥屳畆汬䌠慲整砠䴠牡ⴠ丠扯摯⁹汅敳⠠汃扵䔠楤⥴ⴠ夠畯畔敢洮㍰稀ɉ秀ɉ磰ɉ砠ɉ睐ɉ郓綰-褀楦敬⼺⼯㩃唯敳獲愯獩湥䐯睯汮慯獤䄯瑮㈥嘰摩潥⽳畆汬㈥䌰慲整㈥砰㈥䴰牡㈥ⴰ㈥丰扯摯╹〲汅敳㈥┰㠲汃扵㈥䔰楤╴㤲㈥ⴰ㈥夰畯畔敢洮㍰Ȁ郄綰Y耀ƫ楤杮愠渠睥䴠䱒琠敲散瑮漠敮㩳䌠尺獕牥屳楡敳屮潄湷潬摡屳湁⁴楖敤獯䙜汵牃瑡⁸慍*潎潢祤䔠獬䌨畬摅瑩
*潙呵扵灭3(邵綰Y耀.mp3.lnk
< End of report >
--- --- --- |
Lesestoff:
GMER herunter: (Dateiname zufällig) 
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
aswMBR.exe und speichere die Datei auf deinem Desktop.
TDSSKiller.exe und speichere diese Datei auf dem Desktop
AdwCleaner auf deinen Desktop.
Textbox. 