Code:
OTL logfile created on: 9/21/2013 12:34:00 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.75 Gb Total Space | 109.45 Gb Free Space | 23.91% Space Free | Partition Type: NTFS
Drive D: | 3.80 Gb Total Space | 3.43 Gb Free Space | 90.32% Space Free | Partition Type: NTFS
Drive I: | 457.76 Gb Total Space | 195.10 Gb Free Space | 42.62% Space Free | Partition Type: NTFS
Drive J: | 161.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/10/06 19:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2008/10/01 06:43:56 | 000,024,576 | ---- | M] () [Auto] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2013/09/20 17:15:20 | 000,062,052 | ---- | M] (Microsoft Corporation) [Auto] -- C:\ProgramData\grr1bj6.pzz -- (Winmgmt)
SRV - [2013/09/06 16:55:40 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/01 15:13:18 | 004,569,856 | ---- | M] () [Auto] -- C:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/06/21 03:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/12 03:11:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/24 12:14:51 | 002,620,016 | ---- | M] (Iminent) [Disabled] -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2012/11/01 22:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/10 16:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/07/16 11:28:42 | 002,416,040 | ---- | M] (TeamViewer GmbH) [Disabled] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2012/03/09 18:50:38 | 000,109,064 | ---- | M] (Wajam) [Disabled] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/02/13 22:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/04 12:58:14 | 001,355,968 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/03/01 12:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [Disabled] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 17:38:00 | 000,071,096 | ---- | M] () [Disabled] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/04 08:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/07/29 12:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Disabled] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/05/20 12:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2007/05/31 12:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 12:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/04/10 21:18:40 | 000,384,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/12/09 22:28:34 | 000,127,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/11/07 22:49:24 | 000,307,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/03 05:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 05:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012/04/18 22:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/01/30 22:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 07:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 07:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/09/04 12:58:28 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/01/26 22:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV:64bit: - [2009/10/06 19:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/06 19:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/30 16:55:58 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/10/01 02:32:22 | 000,095,584 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2008/05/02 01:59:48 | 000,166,912 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2005/08/25 10:44:37 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)
DRV:64bit: - [2005/08/25 10:44:36 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2005/08/25 10:44:36 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV - [2009/11/12 08:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/09/30 04:42:20 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=110824&tt=031012_ccp_4012_3&babsrc=HP_ss&mntrId=fa628876000000000000002421180ee5
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\HetzerHofi_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\HetzerHofi_ON_C\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/05 22:43:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/19 04:17:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2013/05/15 03:48:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 11:12:16 | 000,000,000 | ---D | M]
[2011/05/17 14:02:06 | 000,002,428 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - File not found
O2:64bit: - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - File not found
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - File not found
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - File not found
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - File not found
O2 - BHO: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - File not found
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - File not found
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - File not found
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKU\123_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\HetzerHofi_ON_C..\Run: [CollaborationHost] File not found
O4 - HKU\HetzerHofi_ON_C..\Run: [IE10Updater] C:\Users\HetzerHofi\AppData\Local\Temp\vhcekoionunfibwnlah.bfg ()
O4 - HKU\HetzerHofi_ON_C..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\HetzerHofi_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\123_ON_C..\RunOnce: [avg_spchecker] File not found
O4 - HKLM..\RunServices: [Driver32] File not found
O4 - Startup: C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dtlrj6j.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\grr1bj6.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = zimt-pc
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe (AVG Technologies CZ, s.r.o.)
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/09/20 17:15:20 | 000,062,052 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\grr1bj6.pzz
[2013/09/20 17:15:15 | 000,192,868 | ---- | C] (Daniel Pistelli) -- C:\ProgramData\6jb1rrg.plz
[2013/09/12 14:23:38 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themeui.dll
[2013/09/12 14:23:38 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2013/09/11 21:05:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/09/11 21:05:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/09/11 21:05:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2013/09/11 21:05:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/09/11 21:05:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/09/11 21:05:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/09/11 21:05:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/09/11 21:05:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/09/11 21:05:30 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/09/11 21:05:30 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2013/09/11 21:05:30 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/09/11 21:05:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/09/11 21:05:30 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/09/11 21:05:30 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/11 21:05:30 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2013/09/11 21:05:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/09/11 21:05:29 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/09/07 17:20:54 | 000,062,560 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\dtlrj6j.pzz
[2013/08/27 17:39:58 | 001,706,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/08/27 17:39:58 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2009/01/12 21:14:34 | 000,049,152 | R--- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ==========
[2013/09/21 05:17:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/21 05:15:49 | 095,025,368 | ---- | M] () -- C:\ProgramData\grr1bj6.pff
[2013/09/21 05:15:47 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/21 05:15:47 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2013/09/21 05:15:46 | 000,000,000 | ---- | M] () -- C:\ProgramData\grr1bj6.ctrl
[2013/09/21 05:15:46 | 000,000,000 | ---- | M] () -- C:\ProgramData\dtlrj6j.ctrl
[2013/09/21 05:15:44 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\WinMaximizer64-HetzerHofi-Startup.job
[2013/09/21 05:15:28 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/21 05:15:28 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/20 18:10:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/20 17:31:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/20 17:30:06 | 000,016,181 | ---- | M] () -- C:\ProgramData\2hl.exe
[2013/09/20 17:19:54 | 554,735,914 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/09/20 17:15:20 | 000,062,052 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\grr1bj6.pzz
[2013/09/20 17:15:18 | 000,000,872 | ---- | M] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\grr1bj6.lnk
[2013/09/20 17:15:15 | 000,192,868 | ---- | M] (Daniel Pistelli) -- C:\ProgramData\6jb1rrg.plz
[2013/09/20 17:08:02 | 000,079,310 | ---- | M] () -- C:\Users\HetzerHofi\Documents\1240076_576053302455799_1630020488_n.jpg
[2013/09/20 16:09:03 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000UA.job
[2013/09/19 19:09:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000Core.job
[2013/09/19 14:13:14 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/09/17 14:32:03 | 000,681,892 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/09/17 14:32:03 | 000,640,922 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/17 14:32:03 | 000,149,356 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/09/17 14:32:03 | 000,122,806 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/09/11 21:31:20 | 095,025,368 | ---- | M] () -- C:\ProgramData\dtlrj6j.pff
[2013/09/11 21:29:27 | 000,519,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/09/07 17:20:54 | 000,062,560 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\dtlrj6j.pzz
[2013/09/07 17:20:51 | 000,000,872 | ---- | M] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dtlrj6j.lnk
[2013/09/07 17:20:48 | 000,166,400 | ---- | M] () -- C:\ProgramData\j6jrltd.plz
========== Files Created - No Company Name ==========
[2013/09/20 17:30:06 | 000,016,181 | ---- | C] () -- C:\ProgramData\2hl.exe
[2013/09/20 17:15:18 | 000,000,872 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\grr1bj6.lnk
[2013/09/20 17:15:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\grr1bj6.ctrl
[2013/09/20 17:15:15 | 095,025,368 | ---- | C] () -- C:\ProgramData\grr1bj6.pff
[2013/09/20 17:08:01 | 000,079,310 | ---- | C] () -- C:\Users\HetzerHofi\Documents\1240076_576053302455799_1630020488_n.jpg
[2013/09/07 17:20:51 | 000,000,872 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dtlrj6j.lnk
[2013/09/07 17:20:51 | 000,000,000 | ---- | C] () -- C:\ProgramData\dtlrj6j.ctrl
[2013/09/07 17:20:50 | 095,025,368 | ---- | C] () -- C:\ProgramData\dtlrj6j.pff
[2013/09/07 17:20:48 | 000,166,400 | ---- | C] () -- C:\ProgramData\j6jrltd.plz
[2013/08/14 07:55:47 | 000,060,432 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\data.dat
[2013/04/23 15:22:58 | 001,169,609 | ---- | C] () -- C:\Windows\unins000.exe
[2013/04/23 15:22:58 | 000,081,833 | ---- | C] () -- C:\Windows\unins000.dat
[2012/02/01 13:46:12 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2011/11/22 12:44:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011/11/22 12:44:53 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/09/24 09:13:24 | 000,000,098 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\fusioncache.dat
[2011/09/24 09:12:44 | 001,568,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/08 16:24:46 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/16 13:21:27 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011/02/16 14:29:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/02/09 11:47:23 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/01/31 17:23:51 | 000,031,837 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\UserTile.png
[2010/06/22 15:05:20 | 000,000,000 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\prvlcl.dat
[2010/04/22 05:39:27 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/04/22 05:36:29 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2010/02/28 13:15:03 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010/02/03 09:59:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/26 22:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/01/06 13:36:48 | 000,000,360 | ---- | C] () -- C:\Windows\wininit.ini
[2009/12/11 02:46:59 | 000,000,680 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\d3d9caps.dat
[2009/12/05 04:17:48 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/05 04:17:39 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/05 04:17:30 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/12/04 21:44:31 | 000,153,600 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/30 08:41:57 | 000,114,778 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/11/30 08:39:34 | 000,114,778 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/23 18:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/05/29 20:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 20:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/01/12 12:59:28 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/09/04 06:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/04/27 05:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 11:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2009/01/12 14:50:41 | 000,000,000 | ---D | M] -- C:\Users\123\AppData\Roaming\Acer GameZone Console
[2012/03/12 05:46:15 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ACD Systems
[2009/01/12 14:50:41 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Acer GameZone Console
[2013/01/28 13:30:15 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\AVG January 2013 Campaign
[2012/06/06 11:29:49 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\AVG2012
[2012/05/16 13:48:31 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Babylon
[2012/07/29 11:07:29 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Blender Foundation
[2011/02/26 18:18:01 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Buonp
[2010/04/22 05:39:37 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Canneverbe Limited
[2012/12/15 04:28:17 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\DVDVideoSoft
[2012/12/15 04:27:58 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/08/03 07:18:58 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\eSobi
[2013/04/27 06:56:06 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ExpressFiles
[2011/09/08 16:39:06 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\FreeVideoConverter
[2010/04/19 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Go Go Gourmet
[2010/12/22 12:51:01 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\gtk-2.0
[2011/03/09 04:16:12 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Guvay
[2012/04/11 13:59:32 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ICQ
[2013/01/15 13:02:20 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Iminent
[2011/06/06 04:31:04 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ITTerritory
[2011/02/26 18:16:42 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\k
[2010/10/27 14:00:41 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Leadertech
[2011/11/22 13:18:57 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\LG Electronics
[2012/10/05 07:14:42 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Mael
[2013/01/23 15:37:58 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\MAGIX
[2010/04/19 19:36:40 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Meridian93
[2010/12/28 19:41:23 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Mumble
[2012/01/18 01:06:52 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\MusicNet
[2012/02/19 07:02:31 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Need for Speed World
[2012/12/15 04:27:46 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\OpenCandy
[2012/02/22 03:15:36 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\OpenOffice.org
[2011/01/31 17:23:51 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\PeerNetworking
[2012/03/12 04:56:23 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\PhotoScape
[2010/04/08 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\smc
[2012/08/01 07:48:06 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\TeamViewer
[2013/08/26 05:09:55 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\TS3Client
[2012/12/15 04:28:45 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\TuneUp Software
[2011/12/21 04:22:22 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Unity
[2011/04/16 13:23:27 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\VDownloader
[2009/12/04 21:49:29 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\VistaCodecs
[2012/06/07 08:59:21 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Vjaf
[2012/05/16 13:48:28 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\YourFileDownloader
[2012/03/12 05:44:52 | 000,000,000 | ---D | M] -- C:\ProgramData\ACD Systems
[2009/01/12 14:50:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer GameZone Console
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2010/04/19 19:38:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Arcade Lab
[2013/02/08 05:13:58 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2012
[2012/06/05 11:28:08 | 000,000,000 | ---D | M] -- C:\ProgramData\avg9
[2012/05/16 13:48:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2012/05/16 12:08:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Battle.net
[2013/01/09 22:47:24 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2012/10/05 07:55:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Browser Manager
[2010/04/22 05:39:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Canneverbe Limited
[2011/03/15 04:10:01 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2012/02/19 06:10:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2009/01/12 15:04:41 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/01/20 13:51:21 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2010/03/25 07:02:54 | 000,000,000 | ---D | M] -- C:\ProgramData\IM
[2013/01/15 13:02:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Iminent
[2010/03/25 07:02:22 | 000,000,000 | ---D | M] -- C:\ProgramData\IncrediMail
[2013/04/27 15:56:10 | 000,000,000 | ---D | M] -- C:\ProgramData\LGMOBILEAX
[2013/01/23 15:37:58 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2010/04/19 19:36:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Meridian93
[2013/05/15 03:48:49 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2009/12/29 01:27:19 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Drivers HeadQuarters
[2010/03/25 07:02:51 | 000,000,000 | ---D | M] -- C:\ProgramData\PhotoMail
[2011/03/22 03:20:22 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2009/12/05 18:41:13 | 000,000,000 | ---D | M] -- C:\ProgramData\SpinTop Games
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2013/01/15 12:59:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Tarma Installer
[2012/06/05 11:16:21 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/11/03 18:58:55 | 000,000,000 | ---D | M] -- C:\ProgramData\TERA
[2012/12/15 04:28:45 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2009/12/29 01:27:21 | 000,000,000 | ---D | M] -- C:\ProgramData\UAB
[2009/12/04 21:49:29 | 000,000,000 | ---D | M] -- C:\ProgramData\VistaCodecs
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/12/29 21:30:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Wincert
[2010/08/03 06:36:02 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2010/04/15 19:16:14 | 000,000,000 | ---D | M] -- C:\ProgramData\WinMaximizer
[2010/09/09 05:35:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Zylom
[2011/09/04 12:49:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2011/04/28 09:34:04 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/12/15 04:28:36 | 000,000,000 | -HSD | M] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2011/09/04 11:35:41 | 000,000,000 | -H-D | M] -- C:\ProgramData\~0
[2013/09/19 19:09:00 | 000,001,136 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000Core.job
[2013/09/20 16:09:03 | 000,001,158 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000UA.job
[2013/09/21 05:16:43 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/09/21 05:15:44 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer64-HetzerHofi-Startup.job
[2013/09/21 05:15:47 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:2634FC95
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A42A9F39
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:DAFD38AE
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
I can't find the extra.txt file
OTLPE only created an OTL file
so I ran another scan
and this time the extra txt file as well
OTL log:
OTL Logfile: Code:
OTL logfile created on: 9/21/2013 2:25:19 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.75 Gb Total Space | 109.46 Gb Free Space | 23.91% Space Free | Partition Type: NTFS
Drive D: | 3.80 Gb Total Space | 3.76 Gb Free Space | 98.83% Space Free | Partition Type: NTFS
Drive I: | 457.76 Gb Total Space | 195.10 Gb Free Space | 42.62% Space Free | Partition Type: NTFS
Drive J: | 161.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/10/06 19:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2008/10/01 06:43:56 | 000,024,576 | ---- | M] () [Auto] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2013/09/20 17:15:20 | 000,062,052 | ---- | M] (Microsoft Corporation) [Auto] -- C:\ProgramData\grr1bj6.pzz -- (Winmgmt)
SRV - [2013/09/06 16:55:40 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/01 15:13:18 | 004,569,856 | ---- | M] () [Auto] -- C:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/06/21 03:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/12 03:11:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/24 12:14:51 | 002,620,016 | ---- | M] (Iminent) [Disabled] -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2012/11/01 22:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/10 16:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/07/16 11:28:42 | 002,416,040 | ---- | M] (TeamViewer GmbH) [Disabled] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2012/03/09 18:50:38 | 000,109,064 | ---- | M] (Wajam) [Disabled] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/02/13 22:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/04 12:58:14 | 001,355,968 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/03/01 12:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [Disabled] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 17:38:00 | 000,071,096 | ---- | M] () [Disabled] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/04 08:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/07/29 12:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Disabled] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/05/20 12:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2007/05/31 12:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 12:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/04/10 21:18:40 | 000,384,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/12/09 22:28:34 | 000,127,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/11/07 22:49:24 | 000,307,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/03 05:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 05:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012/04/18 22:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/01/30 22:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 07:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 07:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/09/04 12:58:28 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/01/26 22:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV:64bit: - [2009/10/06 19:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/06 19:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/30 16:55:58 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/10/01 02:32:22 | 000,095,584 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2008/05/02 01:59:48 | 000,166,912 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2005/08/25 10:44:37 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)
DRV:64bit: - [2005/08/25 10:44:36 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2005/08/25 10:44:36 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV - [2009/11/12 08:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/09/30 04:42:20 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = Babylon Search
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\HetzerHofi_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\HetzerHofi_ON_C\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HetzerHofi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\VistaCodecPack\rm\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/05 22:43:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/19 04:17:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2013/05/15 03:48:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 11:12:16 | 000,000,000 | ---D | M]
[2011/05/17 14:02:06 | 000,002,428 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - File not found
O2:64bit: - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - File not found
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - File not found
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - File not found
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - File not found
O2 - BHO: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - File not found
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - File not found
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {f34c9277-6577-4dff-b2d7-7d58092f272f} - File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\HetzerHofi_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - File not found
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKU\123_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\HetzerHofi_ON_C..\Run: [CollaborationHost] File not found
O4 - HKU\HetzerHofi_ON_C..\Run: [IE10Updater] C:\Users\HetzerHofi\AppData\Local\Temp\vhcekoionunfibwnlah.bfg ()
O4 - HKU\HetzerHofi_ON_C..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\HetzerHofi_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\123_ON_C..\RunOnce: [avg_spchecker] File not found
O4 - HKLM..\RunServices: [Driver32] File not found
O4 - Startup: C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dtlrj6j.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\grr1bj6.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = zimt-pc
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe (AVG Technologies CZ, s.r.o.)
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/09/21 12:39:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/09/20 17:15:20 | 000,062,052 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\grr1bj6.pzz
[2013/09/20 17:15:15 | 000,192,868 | ---- | C] (Daniel Pistelli) -- C:\ProgramData\6jb1rrg.plz
[2013/09/12 14:23:38 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themeui.dll
[2013/09/12 14:23:38 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2013/09/11 21:05:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/09/11 21:05:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/09/11 21:05:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2013/09/11 21:05:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/09/11 21:05:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/09/11 21:05:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/09/11 21:05:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/09/11 21:05:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/09/11 21:05:30 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/09/11 21:05:30 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2013/09/11 21:05:30 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/09/11 21:05:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/09/11 21:05:30 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/09/11 21:05:30 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/11 21:05:30 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2013/09/11 21:05:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/09/11 21:05:29 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/09/07 17:20:54 | 000,062,560 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\dtlrj6j.pzz
[2013/08/27 17:39:58 | 001,706,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/08/27 17:39:58 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2009/01/12 21:14:34 | 000,049,152 | R--- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ==========
[2013/09/21 05:17:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/21 05:15:49 | 095,025,368 | ---- | M] () -- C:\ProgramData\grr1bj6.pff
[2013/09/21 05:15:47 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/21 05:15:47 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2013/09/21 05:15:46 | 000,000,000 | ---- | M] () -- C:\ProgramData\grr1bj6.ctrl
[2013/09/21 05:15:46 | 000,000,000 | ---- | M] () -- C:\ProgramData\dtlrj6j.ctrl
[2013/09/21 05:15:44 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\WinMaximizer64-HetzerHofi-Startup.job
[2013/09/21 05:15:28 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/21 05:15:28 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/20 18:10:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/20 17:31:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/20 17:30:06 | 000,016,181 | ---- | M] () -- C:\ProgramData\2hl.exe
[2013/09/20 17:19:54 | 554,735,914 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/09/20 17:15:20 | 000,062,052 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\grr1bj6.pzz
[2013/09/20 17:15:18 | 000,000,872 | ---- | M] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\grr1bj6.lnk
[2013/09/20 17:15:15 | 000,192,868 | ---- | M] (Daniel Pistelli) -- C:\ProgramData\6jb1rrg.plz
[2013/09/20 17:08:02 | 000,079,310 | ---- | M] () -- C:\Users\HetzerHofi\Documents\1240076_576053302455799_1630020488_n.jpg
[2013/09/20 16:09:03 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000UA.job
[2013/09/19 19:09:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000Core.job
[2013/09/19 14:13:14 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/09/17 14:32:03 | 000,681,892 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/09/17 14:32:03 | 000,640,922 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/17 14:32:03 | 000,149,356 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/09/17 14:32:03 | 000,122,806 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/09/11 21:31:20 | 095,025,368 | ---- | M] () -- C:\ProgramData\dtlrj6j.pff
[2013/09/11 21:29:27 | 000,519,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/09/07 17:20:54 | 000,062,560 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\dtlrj6j.pzz
[2013/09/07 17:20:51 | 000,000,872 | ---- | M] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dtlrj6j.lnk
[2013/09/07 17:20:48 | 000,166,400 | ---- | M] () -- C:\ProgramData\j6jrltd.plz
========== Files Created - No Company Name ==========
[2013/09/20 17:30:06 | 000,016,181 | ---- | C] () -- C:\ProgramData\2hl.exe
[2013/09/20 17:15:18 | 000,000,872 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\grr1bj6.lnk
[2013/09/20 17:15:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\grr1bj6.ctrl
[2013/09/20 17:15:15 | 095,025,368 | ---- | C] () -- C:\ProgramData\grr1bj6.pff
[2013/09/20 17:08:01 | 000,079,310 | ---- | C] () -- C:\Users\HetzerHofi\Documents\1240076_576053302455799_1630020488_n.jpg
[2013/09/07 17:20:51 | 000,000,872 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dtlrj6j.lnk
[2013/09/07 17:20:51 | 000,000,000 | ---- | C] () -- C:\ProgramData\dtlrj6j.ctrl
[2013/09/07 17:20:50 | 095,025,368 | ---- | C] () -- C:\ProgramData\dtlrj6j.pff
[2013/09/07 17:20:48 | 000,166,400 | ---- | C] () -- C:\ProgramData\j6jrltd.plz
[2013/08/14 07:55:47 | 000,060,432 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\data.dat
[2013/04/23 15:22:58 | 001,169,609 | ---- | C] () -- C:\Windows\unins000.exe
[2013/04/23 15:22:58 | 000,081,833 | ---- | C] () -- C:\Windows\unins000.dat
[2012/02/01 13:46:12 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2011/11/22 12:44:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011/11/22 12:44:53 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/09/24 09:13:24 | 000,000,098 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\fusioncache.dat
[2011/09/24 09:12:44 | 001,568,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/08 16:24:46 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/16 13:21:27 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011/02/16 14:29:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/02/09 11:47:23 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/01/31 17:23:51 | 000,031,837 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Roaming\UserTile.png
[2010/06/22 15:05:20 | 000,000,000 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\prvlcl.dat
[2010/04/22 05:39:27 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/04/22 05:36:29 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2010/02/28 13:15:03 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010/02/03 09:59:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/26 22:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/01/06 13:36:48 | 000,000,360 | ---- | C] () -- C:\Windows\wininit.ini
[2009/12/11 02:46:59 | 000,000,680 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\d3d9caps.dat
[2009/12/05 04:17:48 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/05 04:17:39 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/05 04:17:30 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/12/04 21:44:31 | 000,153,600 | ---- | C] () -- C:\Users\HetzerHofi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/30 08:41:57 | 000,114,778 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/11/30 08:39:34 | 000,114,778 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/23 18:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/05/29 20:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 20:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/01/12 12:59:28 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/09/04 06:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/04/27 05:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 11:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2009/01/12 14:50:41 | 000,000,000 | ---D | M] -- C:\Users\123\AppData\Roaming\Acer GameZone Console
[2012/03/12 05:46:15 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ACD Systems
[2009/01/12 14:50:41 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Acer GameZone Console
[2013/01/28 13:30:15 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\AVG January 2013 Campaign
[2012/06/06 11:29:49 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\AVG2012
[2012/05/16 13:48:31 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Babylon
[2012/07/29 11:07:29 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Blender Foundation
[2011/02/26 18:18:01 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Buonp
[2010/04/22 05:39:37 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Canneverbe Limited
[2012/12/15 04:28:17 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\DVDVideoSoft
[2012/12/15 04:27:58 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/08/03 07:18:58 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\eSobi
[2013/04/27 06:56:06 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ExpressFiles
[2011/09/08 16:39:06 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\FreeVideoConverter
[2010/04/19 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Go Go Gourmet
[2010/12/22 12:51:01 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\gtk-2.0
[2011/03/09 04:16:12 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Guvay
[2012/04/11 13:59:32 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ICQ
[2013/01/15 13:02:20 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Iminent
[2011/06/06 04:31:04 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\ITTerritory
[2011/02/26 18:16:42 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\k
[2010/10/27 14:00:41 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Leadertech
[2011/11/22 13:18:57 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\LG Electronics
[2012/10/05 07:14:42 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Mael
[2013/01/23 15:37:58 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\MAGIX
[2010/04/19 19:36:40 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Meridian93
[2010/12/28 19:41:23 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Mumble
[2012/01/18 01:06:52 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\MusicNet
[2012/02/19 07:02:31 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Need for Speed World
[2012/12/15 04:27:46 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\OpenCandy
[2012/02/22 03:15:36 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\OpenOffice.org
[2011/01/31 17:23:51 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\PeerNetworking
[2012/03/12 04:56:23 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\PhotoScape
[2010/04/08 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\smc
[2012/08/01 07:48:06 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\TeamViewer
[2013/08/26 05:09:55 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\TS3Client
[2012/12/15 04:28:45 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\TuneUp Software
[2011/12/21 04:22:22 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Unity
[2011/04/16 13:23:27 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\VDownloader
[2009/12/04 21:49:29 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\VistaCodecs
[2012/06/07 08:59:21 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\Vjaf
[2012/05/16 13:48:28 | 000,000,000 | ---D | M] -- C:\Users\HetzerHofi\AppData\Roaming\YourFileDownloader
[2012/03/12 05:44:52 | 000,000,000 | ---D | M] -- C:\ProgramData\ACD Systems
[2009/01/12 14:50:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer GameZone Console
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2010/04/19 19:38:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Arcade Lab
[2013/02/08 05:13:58 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2012
[2012/06/05 11:28:08 | 000,000,000 | ---D | M] -- C:\ProgramData\avg9
[2012/05/16 13:48:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2012/05/16 12:08:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Battle.net
[2013/01/09 22:47:24 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2012/10/05 07:55:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Browser Manager
[2010/04/22 05:39:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Canneverbe Limited
[2011/03/15 04:10:01 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2012/02/19 06:10:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2009/01/12 15:04:41 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/01/20 13:51:21 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2010/03/25 07:02:54 | 000,000,000 | ---D | M] -- C:\ProgramData\IM
[2013/01/15 13:02:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Iminent
[2010/03/25 07:02:22 | 000,000,000 | ---D | M] -- C:\ProgramData\IncrediMail
[2013/04/27 15:56:10 | 000,000,000 | ---D | M] -- C:\ProgramData\LGMOBILEAX
[2013/01/23 15:37:58 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2010/04/19 19:36:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Meridian93
[2013/05/15 03:48:49 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2009/12/29 01:27:19 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Drivers HeadQuarters
[2010/03/25 07:02:51 | 000,000,000 | ---D | M] -- C:\ProgramData\PhotoMail
[2011/03/22 03:20:22 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2009/12/05 18:41:13 | 000,000,000 | ---D | M] -- C:\ProgramData\SpinTop Games
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2013/01/15 12:59:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Tarma Installer
[2012/06/05 11:16:21 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/11/03 18:58:55 | 000,000,000 | ---D | M] -- C:\ProgramData\TERA
[2012/12/15 04:28:45 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2009/12/29 01:27:21 | 000,000,000 | ---D | M] -- C:\ProgramData\UAB
[2009/12/04 21:49:29 | 000,000,000 | ---D | M] -- C:\ProgramData\VistaCodecs
[2009/12/03 12:09:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/12/29 21:30:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Wincert
[2010/08/03 06:36:02 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2010/04/15 19:16:14 | 000,000,000 | ---D | M] -- C:\ProgramData\WinMaximizer
[2010/09/09 05:35:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Zylom
[2011/09/04 12:49:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2011/04/28 09:34:04 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/12/15 04:28:36 | 000,000,000 | -HSD | M] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2011/09/04 11:35:41 | 000,000,000 | -H-D | M] -- C:\ProgramData\~0
[2013/09/19 19:09:00 | 000,001,136 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000Core.job
[2013/09/20 16:09:03 | 000,001,158 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-154907131-2759872459-510984776-1000UA.job
[2013/09/21 05:16:43 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/09/21 05:15:44 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer64-HetzerHofi-Startup.job
[2013/09/21 05:15:47 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:2634FC95
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A42A9F39
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:DAFD38AE
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
And the Extras log:
OTL Logfile: Code:
OTL Extras logfile created on: 9/21/2013 2:25:19 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.75 Gb Total Space | 109.46 Gb Free Space | 23.91% Space Free | Partition Type: NTFS
Drive D: | 3.80 Gb Total Space | 3.76 Gb Free Space | 98.83% Space Free | Partition Type: NTFS
Drive I: | 457.76 Gb Total Space | 195.10 Gb Free Space | 42.62% Space Free | Partition Type: NTFS
Drive J: | 161.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 4B DA C8 71 AC 75 CA 01 [binary data]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9AD35249-2D3B-4FB6-A292-0E625475A027}" = AVG 2012
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}" = AVG 2012
"{F30AE017-6791-43F1-8591-D31EDDDDFF1A}" = MAGIX Speed burnR (MSI)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9AD35249-2D3B-4FB6-A292-0E625475A027}" = AVG 2012
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}" = AVG 2012
"{F30AE017-6791-43F1-8591-D31EDDDDFF1A}" = MAGIX Speed burnR (MSI)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\HetzerHofi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"ExpressFiles" = ExpressFiles
"UnityWebPlayer" = Unity Web Player
"Wajam" = Wajam
"YourFileDownloader" = YourFileDownloader
< End of report >