AVASoft Virenscanner Problem....

Sven Rausch · 04.04.2013, 20:08

Ich habe ihn mir heute beim Surfen durch das Netz geholt.
Ich arbeite mit Windows 7, seit einiger Zeit nicht geupdatet, da Window7 irgendwie nicht will! Und den updates prozeß dann wieder rückgäning macht.

Rkill hab ich mir besorgt und im abgesichterten Modus durchlaufen lassen

Hier die Log Datei:

Rkill 2.4.7 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/04/2013 08:19:11 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* Sikkerhedscenter (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.255.255.255 activate.adobe.com practivate.adobe.com

Program finished at: 04/04/2013 08:19:23 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

Danach hab ich mir im abgesicherten Modus Malewareantibytes runtergeladen und durch laufen lassen (Abgesicherter Modus).
Hier die Log Dateien:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.04.04.05

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Sven :: SVEN-PC [Administrator]

04.04.2013 20:24:13
MBAM-log-2013-04-04 (20-45-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 106421
Laufzeit: 20 Minute(n), 39 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|8CEB0A1989F57C4E00008CEA7D3380C2 (Trojan.FakeAlert.RRE) -> Daten: C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2\8CEB0A1989F57C4E00008CEA7D3380C2.exe -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2\8CEB0A1989F57C4E00008CEA7D3380C2.exe (Trojan.FakeAlert.RRE) -> Keine Aktion durchgeführt.

(Ende)

Habe nach dem Fund, auf entfernen gedrückt!
Habe nun mein system wieder im Normal Modus laufen!!!
Allerdings erscheint in der Windowsprogramm leiste ( Links unten) immer noch dieses Ominöse Program.

Wie gehe ich weiter vor....
Ich lasse es nochmal durchlaufen und freue mich auf die nächste Log datei ;-)

Viele liebe grüsse an euch!

DerJazzer · 04.04.2013, 20:21

Hallo und

Ich bin Christoph alias DerJazzer. Ich werde dich durch die Bereinigung begleiten und bin währenddessen dein Ansprechpartner für dieses Thema.

Je nach Art der vorliegenden Infektion kann viel Arbeit und ein großer Zeiteinsatz auf dich (und auf mich) zukommen. Ein Neuaufsetzen ist damit meist als der schnellere, aber immer als der sicherere Weg zu betrachten.

Für den Erfolg der Bereinigung gilt:
Ich kann dir zu keinem Zeitpunkt garantieren, dass der PC nach der Bereinigung auch wirklich frei von Malware ist!

Wenn du das akzeptierst, bitte ich dich, hier so lange mitzuarbeiten, bis ich dir sage, dass der PC aus meiner Sicht malwarefrei ist.

Um die Bereinigung so effektiv und nervenschonend wie möglich zu gestalten, bitte ich dich, folgende Punkte ebenfalls zu beachten:

Bitte arbeite alle Schritte in der von mir genannten Reihenfolge nacheinander ab.
Bitte lies dir meine Anleitungen einmal kurz durch, bevor du beginnst. Solltest du Fragen haben, stelle sie bitte hier im Thema.
Sollten während des Abarbeitens der Anleitungen und des Einsaztes der geforderten Tools Probleme auftauchen, stoppe bitte bei dem betreffenden Schritt und beschreibe dein Problem so genau wie möglich.
Bitte setze keine Tools auf eigene Faust ein, sondern benutze nur von mir ausdrücklich geforderte Tools. Ebenso bitte ich dich, während der Bereinigung keine neuen Programme ohne meine Aufforderung zu installieren.
Im Interesse der Höflichkeit (auch im "anonymen" Internet!) appelliere ich an dich, sog. Crossposting (Posten deines Problems in mehreren Foren) auch aus Wertschätzung meiner Arbeit zu unterlassen.

Um mir das Auswerten deiner Logs (Berichte der verwendeten Programme) zu erleichtern, bitte ich dich, diese zwischen Code-Tags zu posten. Dazu drückst du einfach den #-Button im Antwortfenster und fügst dort zwischen den eckigen Klammern dein Log ein. Das sieht dann so aus: [CODE] eingefügtes Log [/CODE]

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Um eine weitere Analyse zu ermöglichen, befolge bitte die hier geschilderten Anweisungen und poste die geforderten Logfiles.

Bitte poste in deiner nächsten Antwort

OTL.txt & Extras.txt
Gmer.txt

Sven Rausch · 04.04.2013, 20:48

Hier die OTL.txt

Code:

ATTFilter

OTL logfile created on: 04.04.2013 21:27:49 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Tyskland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 18,74% Memory free
3,98 Gb Paging File | 2,04 Gb Available in Paging File | 51,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 41,95 Gb Free Space | 14,08% Space Free | Partition Type: NTFS
Drive G: | 29,41 Mb Total Space | 25,35 Mb Free Space | 86,19% Space Free | Partition Type: FAT
Drive H: | 14,90 Gb Total Space | 6,83 Gb Free Space | 45,83% Space Free | Partition Type: FAT32
 
Computer Name: SVEN-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.04 21:26:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe
PRC - [2013.03.27 17:43:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.27 17:43:11 | 000,083,680 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\ipmGui.exe
PRC - [2013.03.27 17:43:02 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.27 17:43:02 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.17 19:08:22 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.02.13 13:35:34 | 001,393,744 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
PRC - [2013.01.17 00:06:36 | 006,860,288 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.10 20:35:14 | 000,510,976 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.enigmaathome.net\wrapper_5.32_windows_intelx86.exe
PRC - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\1\enigma_0.76.exe
PRC - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\0\enigma_0.76.exe
PRC - [2011.12.22 00:11:26 | 003,961,464 | ---- | M] (Eye-Fi, Inc.) -- C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe
PRC - [2011.01.27 17:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.11.02 21:32:28 | 000,138,440 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
PRC - [2010.09.14 18:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2009.12.18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2009.08.11 12:19:48 | 006,798,714 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
PRC - [2008.08.28 19:34:14 | 013,145,448 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe
PRC - [2006.06.09 01:11:00 | 000,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006.06.07 19:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0250Mon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.13 13:36:30 | 002,980,944 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wcore13.dll
MOD - [2013.02.13 13:35:44 | 006,758,480 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wkont13.dll
MOD - [2013.02.13 13:35:38 | 001,313,872 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wfabu13.dll
MOD - [2013.02.13 13:35:34 | 001,393,744 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
MOD - [2013.02.13 13:35:30 | 002,152,528 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wfvie13.dll
MOD - [2013.02.13 13:35:29 | 001,230,848 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wimp13.dll
MOD - [2013.02.13 13:35:28 | 001,467,984 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wmain13.dll
MOD - [2013.02.13 13:35:26 | 000,136,272 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsodbc48.dll
MOD - [2013.02.13 13:35:25 | 001,310,800 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wwerb13.dll
MOD - [2013.02.13 13:35:24 | 001,202,768 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\whau213.dll
MOD - [2013.02.13 13:35:24 | 001,150,032 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\whau113.dll
MOD - [2013.02.13 13:35:24 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsdcom48.dll
MOD - [2013.02.13 13:35:23 | 004,923,984 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae113.dll
MOD - [2013.02.13 13:35:20 | 001,747,024 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae313.dll
MOD - [2013.02.13 13:35:20 | 001,556,048 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae413.dll
MOD - [2013.02.13 13:35:19 | 001,367,632 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae213.dll
MOD - [2013.02.13 13:35:06 | 008,907,856 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wgui13.dll
MOD - [2013.02.13 13:34:43 | 001,716,304 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wreli13.dll
MOD - [2013.02.13 13:34:42 | 001,604,176 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wsteu13.dll
MOD - [2013.02.13 13:34:41 | 000,321,104 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsguiwinapi48.dll
MOD - [2013.02.13 13:34:39 | 000,308,816 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rscorewinapi48.dll
MOD - [2013.02.12 13:25:57 | 004,128,848 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wauff13.dll
MOD - [2013.02.12 13:03:49 | 001,041,408 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-core.dll
MOD - [2013.02.12 13:03:49 | 000,251,392 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
MOD - [2013.02.12 13:03:49 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-shared.dll
MOD - [2013.01.11 04:22:32 | 003,547,136 | ---- | M] () -- C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
MOD - [2013.01.11 04:17:32 | 000,105,984 | ---- | M] () -- C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
MOD - [2012.11.10 20:35:14 | 000,510,976 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.enigmaathome.net\wrapper_5.32_windows_intelx86.exe
MOD - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\1\enigma_0.76.exe
MOD - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\0\enigma_0.76.exe
MOD - [2011.12.22 00:05:12 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\Locales\de\Helper.dll
MOD - [2011.12.21 23:59:12 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libexif.dll
MOD - [2011.12.21 23:56:16 | 000,209,408 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libopenraw.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.02 21:33:02 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryGeneric.plugin
MOD - [2010.11.02 21:33:02 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryNdis.plugin
MOD - [2010.11.02 21:32:30 | 001,048,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxmsw28u_core_vc_custom.dll
MOD - [2010.11.02 21:32:30 | 000,759,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\UIToolkit.dll
MOD - [2010.11.02 21:32:30 | 000,726,528 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxbase28u_vc_custom.dll
MOD - [2010.11.02 21:32:30 | 000,506,368 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Toolkit.dll
MOD - [2010.11.02 21:32:28 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\pcre3.dll
MOD - [2010.11.02 21:32:28 | 000,138,440 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
MOD - [2010.11.02 21:32:28 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Preferences.dll
MOD - [2010.11.02 21:32:26 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Device.dll
MOD - [2010.11.02 21:32:26 | 000,246,784 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DB.dll
MOD - [2010.11.02 21:32:26 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Discovery.dll
MOD - [2010.11.02 21:32:26 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DriveDetector.dll
MOD - [2010.11.02 21:32:24 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ComCore.dll
MOD - [2009.08.11 12:19:48 | 006,798,714 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
MOD - [2009.08.11 12:19:48 | 000,897,024 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\RBScript.dll
MOD - [2009.08.11 12:19:48 | 000,762,368 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\XML.dll
MOD - [2009.08.11 12:19:48 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\CGamma.dll
MOD - [2009.08.11 12:19:48 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\RegEx.dll
MOD - [2009.08.11 12:19:48 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\Appearance Pak.dll
MOD - [2009.08.11 12:19:48 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\CSensor.dll
MOD - [2009.08.11 12:19:48 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\Shell.dll
MOD - [2009.08.11 12:19:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\MBSRegistrationPlugin16042.dll
MOD - [2009.08.11 12:19:48 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin16042.dll
MOD - [2008.08.28 16:54:56 | 000,891,904 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\FileInfo.dll
MOD - [2008.08.28 16:54:56 | 000,502,272 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMPFiles.dll
MOD - [2008.08.28 16:54:56 | 000,424,960 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMP.dll
MOD - [2008.08.28 16:53:58 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Symlib.dll
MOD - [2008.08.28 16:47:50 | 002,748,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\LIBMYSQLD.dll
MOD - [2006.06.09 16:48:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\EyeCatcherEx.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010.04.10 19:30:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.03.27 17:43:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.27 17:43:02 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.17 20:08:22 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.05.29 13:25:58 | 000,080,256 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011.01.27 17:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010.04.10 19:30:26 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2009.10.27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.27 17:43:15 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.27 17:43:15 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.27 17:43:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.15 21:21:32 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.04.22 16:07:26 | 000,098,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cdc_acm.sys -- (nokia_cs1x_cdc_acm)
DRV:64bit: - [2010.04.22 16:07:26 | 000,097,280 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nokia_cs1x_dc_enum.sys -- (nokia_cs1x_dc_enum)
DRV:64bit: - [2010.04.22 16:07:26 | 000,053,760 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cdc_ecm.sys -- (nokia_cs1x_cdc_ecm)
DRV:64bit: - [2010.04.22 16:07:26 | 000,013,824 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cpo.sys -- (nokia_cs1x_cpo)
DRV:64bit: - [2010.04.19 20:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2009.10.22 15:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009.10.22 15:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2009.10.06 11:56:34 | 000,172,544 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2009.10.06 11:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009.10.06 11:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2009.10.06 11:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009.10.06 11:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009.09.23 19:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.09.08 18:26:20 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2006.06.27 05:17:14 | 000,219,328 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0250Dev.sys -- (V0250Dev)
DRV:64bit: - [2006.05.05 08:14:04 | 000,010,752 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0250Vfx.sys -- (V0250Vfx)
DRV:64bit: - [2005.09.24 00:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://dk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 37 CD EB C8 6E CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9A06E93B-73F6-4FAA-9765-B567D0542B62}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{612A4701-C1F5-45AC-8B86-9C46516883FD}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=8CF3F8FB-5BA0-4A89-B200-3A336220F72E&apn_sauid=90D25B16-8F3F-4013-A8E3-AA320D6BE642
IE - HKCU\..\SearchScopes\{9A06E93B-73F6-4FAA-9765-B567D0542B62}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/|hxxp://www.fotorausch.dk/|hxxp://www.mygall.net/memberaccount.php"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..browser.startup.homepage: "hxxp://www.hiergehtslos.de"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=8CF3F8FB-5BA0-4A89-B200-3A336220F72E&apn_ptnrs=&apn_sauid=90D25B16-8F3F-4013-A8E3-AA320D6BE642&apn_dtid=OSJ000&&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/CCBPL: C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll (Canon Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sven\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sven\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
 
[2010.05.15 22:08:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2012.11.05 13:33:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\rfki08v6.default\extensions
[2012.09.04 22:18:01 | 000,002,299 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\rfki08v6.default\searchplugins\askcom.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sven\appdata\local\google\chrome\application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sven\appdata\local\google\chrome\application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sven\appdata\local\google\chrome\application\26.0.1410.43\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2010.02.12 23:24:15 | 000,000,884 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.255.255.255 activate.adobe.com practivate.adobe.com 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Reg Error: Value error.) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NokiaInternetModem_AppStart.exe] C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [V0250Cfg.exe] C:\Windows\V0250Cfg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [V0250Mon.exe] C:\Windows\V0250Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.)
O4 - HKCU..\Run: [Eye-Fi] C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe (Eye-Fi, Inc.)
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk = C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Download alle med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Download med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Download valgte med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Search Image on TinEye - C:\Users\Sven\Documents\TinEye IE Plugin\TinEye.js ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Download alle med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download valgte med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Search Image on TinEye - C:\Users\Sven\Documents\TinEye IE Plugin\TinEye.js ()
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: danid.dk ([]http in Trusted sites)
O15:64bit: - ..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danskebank.dk ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} hxxp://iloapp.fotorausch.dk/gallery/executable/IlosoftMultipleImageUpload.dll (IlosoftMultipleImageCtrl Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://dkbn.dk/imageuploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} hxxp://217.7.212.168/cab/OCXChecker_8320.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45940A75-94BF-43AF-8967-DDA36A417BEF}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF1AB261-E711-4693-8DA5-3FEF65A44F1E}: DhcpNameServer = 62.44.166.69 62.44.166.197
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE45C950-FFDD-47DD-9CF8-4B8539479346}: DhcpNameServer = 194.239.134.83 193.162.153.164
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.04 20:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.04 20:23:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.04 20:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.04 20:08:30 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\rkill
[2013.04.04 20:08:18 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Sven\Desktop\Maus.exe.com
[2013.04.04 19:44:07 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVASoft Professional Antivirus
[2013.04.04 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2
[2013.03.27 17:43:39 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.27 17:43:39 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.27 17:43:39 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.04 21:13:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4227535391-2076138595-3690493484-1000UA.job
[2013.04.04 21:08:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.04 20:56:14 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.04 20:56:14 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.04 20:48:08 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.04 20:47:23 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.04 20:47:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.04 20:47:01 | 1602,985,984 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.04 20:32:16 | 000,000,136 | ---- | M] () -- C:\Windows\SIERRA.INI
[2013.04.04 20:23:31 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.04 20:14:14 | 000,000,000 | ---- | M] () -- C:\Users\Sven\Desktop\Maus.exe64.com
[2013.04.04 20:08:21 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Sven\Desktop\Maus.exe.com
[2013.04.04 19:44:07 | 000,002,066 | ---- | M] () -- C:\Users\Sven\Desktop\AVASoft Professional Antivirus.lnk
[2013.04.04 19:35:33 | 000,037,722 | ---- | M] () -- C:\Users\Sven\Desktop\colorbeauty5.jpg
[2013.04.04 13:13:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4227535391-2076138595-3690493484-1000Core.job
[2013.04.03 22:02:14 | 001,373,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.03 22:02:14 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.03 22:02:14 | 000,507,212 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013.04.03 22:02:14 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.03 22:02:14 | 000,097,474 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013.04.01 21:14:13 | 000,002,362 | ---- | M] () -- C:\Users\Sven\Desktop\Google Chrome.lnk
[2013.03.31 22:31:51 | 000,760,437 | ---- | M] () -- C:\Users\Sven\Desktop\Daten-und-Fakten-2_2012.pdf
[2013.03.28 21:32:18 | 000,001,047 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.03.27 17:43:15 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.27 17:43:15 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.27 17:43:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.25 19:00:53 | 000,004,135 | ---- | M] () -- C:\Users\Sven\Desktop\Modelrelease_de Fineartprints.pdf
[2013.03.09 02:26:09 | 000,015,384 | ---- | M] () -- C:\Users\Sven\Documents\kameraaufbau.odt
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.04 20:23:31 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.04 20:14:14 | 000,000,000 | ---- | C] () -- C:\Users\Sven\Desktop\Maus.exe64.com
[2013.04.04 19:44:07 | 000,002,066 | ---- | C] () -- C:\Users\Sven\Desktop\AVASoft Professional Antivirus.lnk
[2013.04.04 19:37:54 | 000,037,722 | ---- | C] () -- C:\Users\Sven\Desktop\colorbeauty5.jpg
[2013.03.31 22:31:51 | 000,760,437 | ---- | C] () -- C:\Users\Sven\Desktop\Daten-und-Fakten-2_2012.pdf
[2013.03.25 19:00:52 | 000,004,135 | ---- | C] () -- C:\Users\Sven\Desktop\Modelrelease_de Fineartprints.pdf
[2013.03.09 02:26:08 | 000,015,384 | ---- | C] () -- C:\Users\Sven\Documents\kameraaufbau.odt
[2013.02.26 13:10:19 | 000,000,638 | ---- | C] () -- C:\Windows\wiso.ini
[2012.12.16 23:30:26 | 000,177,908 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4794.jpg
[2012.12.16 23:29:54 | 000,194,379 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4793.jpg
[2012.12.16 23:29:40 | 000,141,784 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4792.jpg
[2012.09.09 19:16:29 | 000,000,136 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.09.26 23:06:34 | 000,019,926 | -H-- | C] () -- C:\Users\Sven\ZbThumbnail.info
[2011.07.08 21:36:21 | 000,080,256 | ---- | C] () -- C:\Windows\SysWow64\ezGOSvc.dll
[2011.06.22 21:12:06 | 000,876,278 | ---- | C] () -- C:\Users\Sven\fv.jpg
[2011.06.22 21:12:06 | 000,603,243 | ---- | C] () -- C:\Users\Sven\cxch.jpg
[2011.02.13 18:19:26 | 000,000,268 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\.ptbt0
[2011.02.13 15:56:33 | 000,007,671 | ---- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2010.09.05 10:10:30 | 000,033,134 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\UserTile.png
[2010.04.11 17:32:44 | 000,018,967 | ---- | C] () -- C:\Users\Sven\.recently-used.xbel
[2010.01.29 20:10:50 | 000,012,800 | ---- | C] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.14 20:16:46 | 000,000,000 | ---- | C] () -- C:\Users\Sven\temp.dat
[2009.11.26 22:04:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.09.16 02:15:43 | 000,000,000 | -HSD | M] -- C:\Users\Sven\AppData\Roaming\.#
[2010.01.14 06:30:51 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\.purple
[2010.02.02 12:59:20 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\ACD Systems
[2011.04.27 23:04:50 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Anthropics
[2011.07.15 21:25:09 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\AquaSoft
[2012.04.15 22:03:24 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Avery
[2012.11.05 09:43:44 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Azureus
[2013.02.26 13:05:00 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Buhl Data Service
[2012.07.13 00:24:20 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Canon
[2009.11.30 21:05:01 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\CD-LabelPrint
[2012.11.05 17:12:32 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2011.08.07 14:01:50 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\com.flashgallerycom.photoGalleryBuilder.BE456FDD426FDC61C9F8B47A33E5FBCFF9D5695C.1
[2010.01.08 08:24:43 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Cryptomathic
[2013.04.04 20:48:29 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Dropbox
[2012.08.03 00:37:29 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\DVDVideoSoft
[2010.04.27 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\EuroTalk
[2013.04.04 21:37:39 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Eye-Fi
[2010.12.24 13:06:50 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\FILEminimizerPictures
[2013.01.09 01:39:21 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\FileZilla
[2013.04.04 21:27:20 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Free Download Manager
[2011.02.05 12:42:42 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\GetRightToGo
[2011.07.09 08:05:53 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\go
[2010.04.11 17:32:44 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\gtk-2.0
[2010.01.09 07:45:18 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\MAGIX
[2010.07.13 21:51:26 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Nik Software
[2010.05.11 21:56:19 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Nokia
[2012.08.03 00:32:07 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\OpenCandy
[2009.12.02 12:45:22 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\OpenOffice.org
[2010.05.11 21:56:32 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\PC Suite
[2010.04.28 17:26:23 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Photo! 3D Album
[2009.11.29 03:09:53 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Photo! Web Album
[2013.04.04 20:32:34 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Software Informer
[2011.01.31 23:54:49 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\TeamViewer
[2011.09.26 23:27:44 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\TiltShift.E66C440A17F1D70FFD66FDB4568328647297CFDC.1
[2011.12.27 11:33:08 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Titanium
[2012.08.03 00:33:09 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\TuneUp Software
[2009.11.26 21:47:06 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Zoner
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

hier die extras.txt Datei

Code:

ATTFilter

OTL Extras logfile created on: 04.04.2013 21:27:49 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Tyskland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 18,74% Memory free
3,98 Gb Paging File | 2,04 Gb Available in Paging File | 51,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 41,95 Gb Free Space | 14,08% Space Free | Partition Type: NTFS
Drive G: | 29,41 Mb Total Space | 25,35 Mb Free Space | 86,19% Space Free | Partition Type: FAT
Drive H: | 14,90 Gb Total Space | 6,83 Gb Free Space | 45,83% Space Free | Partition Type: FAT32
 
Computer Name: SVEN-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080F3DAE-99CD-4CED-BC31-40FE5DA7D4EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{0D7763AD-4E25-4A9B-A3D4-C634E945841A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0E49E8BF-D880-4B5A-AD19-FDC76AEE4A6D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{18B29922-6464-40F7-8830-384ADC32E891}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2C421F34-3AAD-4FC7-88E6-A8A0AC2273CE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{2E06D69A-9AA7-4808-B2B2-071809ECDF3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{32976D50-E56A-4B8A-9A5D-17E637981C52}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{34C6492F-68B4-4665-AA80-291CB6B2C41D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{46FB5134-365E-4C87-A5F3-B4198472E143}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5BA62470-F620-42B5-B753-E09B3D451F7B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5D7DCAC2-597A-4622-8769-7A26B5BA142E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{631EEE9C-C675-483B-B6F5-F534AA89957E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6840137C-1513-43CE-BB1B-9B41A83800D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6F1E3BB0-CE91-435A-ACE4-C4A08E0450BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{72C8463D-FA32-425E-9B79-BFE86BD41870}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7B646A5C-3671-40D1-9379-1D1ED15513C8}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{7BFCCF27-2A66-4D9D-9AB1-C1BFF4384C42}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{80495C4D-8827-45D4-8A50-050527910A5F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{84F0AFF0-0BF2-47F0-B568-B66D0C6B0678}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9F8AF6CA-AE02-4EC6-BF35-91F7AC12FB74}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A6062DC1-DE39-4935-B43C-5F4CB0828D6B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{ACDE4067-357F-42ED-B5EA-29605F6D9210}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{AD79C4A7-72FE-4F20-9B65-606DC2B72872}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B92EACAD-169D-4974-84C7-E23A7B958FD4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{CD7F4369-0DC6-41E9-B49A-844723D0D726}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E36C72B1-7AD1-4542-A677-321DFC65B87F}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FD18EF3F-79DB-4CC7-93BF-54FB080C2C83}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C79B09-7E6D-47D6-950A-3D6F6B0D7B45}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | 
"{05090626-A542-47A0-9E50-0C48FECEED23}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{0A9048B9-2C77-4DE6-AED2-88B7975E378B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{10286EF1-5FC8-4254-BBFF-4FAE441FE923}" = protocol=6 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"{17CFCC9A-E6A5-4549-B3E4-529ECD8319ED}" = protocol=6 | dir=out | app=system | 
"{1E2B3CBC-5659-4D71-B035-F31A662E5274}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{27B1886D-8A5A-4946-9059-DE217C4F1BEE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{3193D79E-260C-4DDC-9701-1E8C80C5C7C5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | 
"{33C51BF9-EC5B-4713-B0D3-34EA03CD1897}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3F678836-B07C-4785-B51B-FBEEFB4B9052}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{41411783-86CA-4F12-8A7D-C7D1DA45484B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{43204A2B-CC1E-46D3-B0F7-10B8DBF80702}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{525BA90F-9BAD-4A45-A546-0C2E90CF3318}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{56F942B6-C3EE-4EA7-B2F7-733B5C0E58F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5D6287A9-E1E1-4300-86A5-6F3D517FE800}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{61729FCD-34CB-499A-822A-A8EF6EC4848B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | 
"{6453FD17-D551-48D1-8946-2CF1F28C64F8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{67CADADB-86E9-40F0-8A31-EC82D967BFEC}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | 
"{6A6FD1D4-A4CF-45DF-BC3C-57DF4949CF35}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6F40AAC0-30B0-49EA-9830-9BD71CD0BD52}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{70C7E918-E6E6-4983-A726-4D64C6C58C34}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | 
"{7B9350ED-C215-4518-BD59-D3A07FEFB8B3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7EC22303-389E-4A57-AA07-6F9D008B037B}" = protocol=17 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8BAF8A59-474A-4A37-BEC4-15D32D4DF43A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{92380B61-77F7-46B6-8027-A1CEB8C90355}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9661686E-9233-4570-84EC-CB12FCC5ABFA}" = protocol=6 | dir=in | app=c:\ubisoft\silent hunter 5\sh5.exe | 
"{968D8035-5E87-42D8-BF1B-50F970118447}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9A799DBA-C1BA-4BAF-B3F8-ABD7CB1B6C50}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{A442D292-86D3-4193-B2A3-BD0FC958949D}" = protocol=17 | dir=in | app=c:\ubisoft\silent hunter 5\sh5.exe | 
"{A73C277D-6258-432B-933B-2342815A0045}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{AD18E185-0D7C-4142-812B-2D7EB2EF9021}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B0FA2B43-EB72-4FAC-8F6E-5ED7716F7277}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B39508FD-38BD-4DA4-95B3-24BE353480DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B5F48EC2-34A6-4A61-92E5-AB3055D22693}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B90EF88C-1CC4-4545-A6DE-4C3B46C93B0B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BC58FBE2-FBC3-4369-BA98-2AF24889E05D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C37C6EA7-3AA5-434F-B3CE-C80588CBE0B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CD2F3662-E6B0-461B-904B-C2BC1972399B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D1EF402A-9CBB-4009-8162-EC6527515B97}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D6111495-32C5-4B81-B51C-F47128751042}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | 
"{D7B2FFCA-052D-4BDC-AFE7-F6CFE2A16245}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | 
"{DD4E8701-D547-45FD-8CE5-96BCFAE888AC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E0E20085-D7B1-4179-AB77-80EF1C900B49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F87D10A7-9944-4FD8-93F2-C2B38CF70550}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{F9A33EDD-4AA0-4D17-AEC6-1A5CC1EB0595}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{FF2BCAC8-6E78-4A39-9BE9-BECFF2310E2B}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | 
"TCP Query User{BFC62941-92D5-496F-AA75-72BAADCED752}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"TCP Query User{C79F50E3-9A34-4C2D-967B-B31BF9069CF5}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"TCP Query User{CABEDEA9-B307-4A71-BFAA-8580022B8933}C:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{9DE4242D-FA99-4B42-85DF-397D72F5A1E8}C:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{DB8D545C-8EDE-4E40-A177-BCB5DC0D7D44}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"UDP Query User{EC0A3E1E-61AF-4AFC-AFC7-8ECA7D02C46E}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Treiber
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AA72DFB8-BA38-49C9-B5A4-A95FD62641F8}" = BOINC
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83E9BF0-B8D8-3D68-9E07-7505290C2202}" = Microsoft .NET Framework 4 Client Profile DAN Language Pack
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"AutopanoGiga2.5" = Kolor Autopano Giga 2.5
"Creative VF0250" = Creative Live! Cam Notebook Pro Driver (1.02.06.0627)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-driverpakke - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DAN Language Pack" = Microsoft .NET Framework 4 Client Profile DAN sprogpakke
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 39
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2F3082BF-4A3B-45CA-805F-52DBBFD3C645}" = Windows Live Essentials
"{2FAA2415-618E-4EC0-8253-3CDA076C84D6}" = AquaSoft DiaShow 7 Ultimate
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DC9BFC1-AF45-47F6-B696-28C8BEC3D12B}_is1" = Bildschutz Pro 3.01
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49DC7D87-B9F9-4782-9386-B7F13BC75E48}" = Adobe Creative Suite 5 Design Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{52FEFA2C-F1E7-44D3-8C31-BFADB45E9FC8}" = Nokia Internet Modem
"{592ED299-14EF-4C0E-93B4-B687CD5A2EBE}_is1" = posterXXL.de Bestellsoftware 4.80
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D80B6D8-C7FC-C635-B3D2-1DFE9BEE890D}" = TiltShiftGenerator: artandmobile.com
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6FAB7C8A-F677-41D9-8841-62D92B8002DA}" = Extensis Suitcase Fusion 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{7764F7B0-7225-4145-82B6-2AB4540D33A6}" = Eye-Fi Center 3.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A8C4EAC-9AB7-45FA-9480-5716FD261030}" = Nero 7 Essentials
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94B8F069-F223-4F48-BC88-7104CBA77F30}" = Windows Live Messenger
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96BF7ECE-A88D-0ECF-089D-7307A160C095}" = Photo Gallery Builder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube"
"{9F9BE2A8-2FA2-438E-934B-6F237B641167}" = Cooliris for Internet Explorer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB63F0FF-B184-48B4-8365-1C7C938E1177}" = KingBill 2011
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD1C7ACE-30DC-4107-B6A7-9495D12DC846}" = TinEye Internet Explorer plugin 1.2
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BFD09E5B-6D40-4CAD-A349-103BFEF1C574}" = Windows Live Mail
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CC23FF9A-989C-4DEB-8970-50E6E4862315}" = EOSInfo
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E5E54037-31CD-4EBD-9211-4C384F4E7E79}" = e-Safekey
"{E7EADF4C-C40F-467E-96E3-7E62C9CDC079}" = AquaSoft DiaShow 6 for YouTube
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9CD0190-4A88-49B4-88C5-CFF9CD2723F0}" = OpenOffice.org 3.1
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced Video FX Engine" = Advanced Video FX Engine
"APU" = CANON iMAGE GATEWAY Album Plugin Utility
"AquaSoft DiaShow 6 for YouTube" = AquaSoft DiaShow 6 for YouTube
"AquaSoft DiaShow 7 Ultimate" = AquaSoft DiaShow 7 Ultimate
"Avira AntiVir Desktop" = Avira Free Antivirus
"Benutzerhandbuch für Creative Live! Cam Notebook Pro German" = Benutzerhandbuch für Creative Live! Cam Notebook Pro (Deutsch)
"BookSmart® 3.2.5 3.2.5" = BookSmart® 3.2.5 3.2.5
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP4600 series Brugerregistrering" = Canon iP4600 series Brugerregistrering
"Canon MX880 series Brugerregistrering" = Canon MX880 series Brugerregistrering
"Canon RAW Codec" = Canon RAW Codec
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"com.flashgallerycom.photoGalleryBuilder.BE456FDD426FDC61C9F8B47A33E5FBCFF9D5695C.1" = Photo Gallery Builder
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Dfine 2.0" = Dfine 2.0
"Digital Photo Professional" = Canon Utilities Digital Photo Professional 3.11
"Digital Signatur" = Digital Signatur
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"FileZilla Client" = FileZilla Client 3.5.3
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Free MP4 Video Converter_is1" = Free MP4 Video Converter version 5.0.15.706
"Hugin" = Hugin 2010.4.0
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"My Pictures Editor_is1" = Photo! 3D Album and Photo! 3D ScreenSaver 1.2
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Panoweaver700_std_is1" = Panoweaver Standard Edition
"Photo! Web Album_is1" = Photo! Web Album 1.2
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Sharpener Pro 3.0" = Sharpener Pro 3.0
"Sierra Utilities" = Sierra Utilities
"SightSpeed" = SightSpeed (remove only)
"Silver Efex Pro" = Silver Efex Pro
"Speed Dial Utility" = Canon Tastopkaldsfunktion
"Spyder3Express" = Spyder3Express
"SysInfo" = Creative-Systeminformationen
"TeamViewer 6" = TeamViewer 6
"TiltShift.E66C440A17F1D70FFD66FDB4568328647297CFDC.1" = TiltShiftGenerator: artandmobile.com
"Viveza 2" = Viveza 2
"VLC media player" = VLC media player 1.1.9
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"ZonerPhotoStudio11_DE_is1" = Zoner Photo Studio 11
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.03.2013 14:00:04 | Computer Name = Sven-Pc | Source = Windows Backup | ID = 4103
Description = 
 
Error - 25.03.2013 10:12:46 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
Error - 27.03.2013 07:57:21 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
Error - 28.03.2013 17:16:36 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
Error - 30.03.2013 09:27:20 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
Error - 30.03.2013 10:04:52 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
Error - 31.03.2013 13:00:10 | Computer Name = Sven-Pc | Source = Windows Backup | ID = 4103
Description = 
 
Error - 31.03.2013 19:48:26 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
Error - 02.04.2013 14:42:36 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
Error - 04.04.2013 09:11:38 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
[ Media Center Events ]
Error - 02.09.2010 10:42:32 | Computer Name = Sven-Pc | Source = MCUpdate | ID = 0
Description = 16:42:32 - Fejl under oprettelse af forbindelse til internettet.  16:42:32
 -     Der kunne ikke oprettes forbindelse til serveren..  
 
Error - 02.09.2010 10:42:58 | Computer Name = Sven-Pc | Source = MCUpdate | ID = 0
Description = 16:42:53 - Fejl under oprettelse af forbindelse til internettet.  16:42:53
 -     Der kunne ikke oprettes forbindelse til serveren..  
 
Error - 08.09.2010 14:54:24 | Computer Name = Sven-Pc | Source = MCUpdate | ID = 0
Description = 20:54:24 - Fejl under oprettelse af forbindelse til internettet.  20:54:24
 -     Der kunne ikke oprettes forbindelse til serveren..  
 
Error - 08.09.2010 14:54:51 | Computer Name = Sven-Pc | Source = MCUpdate | ID = 0
Description = 20:54:46 - Fejl under oprettelse af forbindelse til internettet.  20:54:46
 -     Der kunne ikke oprettes forbindelse til serveren..  
 
[ System Events ]
Error - 04.04.2013 14:50:09 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 04.04.2013 14:50:09 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 04.04.2013 14:50:09 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 04.04.2013 14:50:09 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 04.04.2013 14:50:09 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 04.04.2013 14:50:09 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 04.04.2013 14:50:09 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 04.04.2013 14:50:16 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 04.04.2013 14:50:16 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 04.04.2013 14:50:16 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
 
< End of report >

ich besorg nun die gmer.txt... dauert ein bissel ;-)

LG

Sven

gmer stürzt bei mir ab....
???

DerJazzer · 04.04.2013, 21:35

Bitte probiere GMER im Abgesicherten Modus

Sven Rausch · 05.04.2013, 01:14

Hier der gmer.txt als zip.datei

Sven Rausch · 05.04.2013, 01:20

Ich sag dann auch erstmal gute nacht!

Meine Maus hat die rechner freie yeit gleich genutzt ;-)

DerJazzer · 05.04.2013, 22:52

Hi

ich seh da nur ein paar Überreste

Schritt 1

Bitte gehe zu

Start --> Systemsteuerung --> Software

und deinstalliere die folgende Software:

Code:

ATTFilter

TuneUp Utilities

Bitte gib Bescheid wenn Du eines der gelisteten Programme nicht finden oder nicht deinstallieren kannst.

Schritt 2

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:OTL
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
[2013.04.04 19:44:07 | 000,002,066 | ---- | M] () -- C:\Users\Sven\Desktop\AVASoft Professional Antivirus.lnk
[2013.04.04 19:44:07 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVASoft Professional Antivirus
[2013.04.04 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2
[2012.08.03 00:33:09 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\TuneUp Software

:Commands
[emptytemp]

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

Schritt 5

Starte bitte die OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.
Poste die OTL.txt und die Extras.txt hier in deinen Thread.

Bitte poste in deiner nächsten Antwort

AdwCleaner-Log & JRT.txt
OTL-Fixlog
OTL.txt & Extras.txt

Sven Rausch · 05.04.2013, 23:01

Tut mir leid aber das zu deinstalierende Program ist nicht zu finden. Auch nicht wenn ich es über die suchmaske eingebe und es suchen lasse

DerJazzer · 05.04.2013, 23:08

Ok, danke für die Info. Habe gerade editiert, nimm bitte das OTL-Skript, das jetzt oben angezeigt wird

Sven Rausch · 05.04.2013, 23:38

Zu Schritt 2

Code:

ATTFilter

# AdwCleaner v2.200 - Logfil lavet d. 06/04/2013 kl. 00:27:16
# Opdateret d. 02/04/2013 af Xplode
# Operativ system : Windows 7 Home Premium Service Pack 1 (64 bits)
# Bruger : Sven - SVEN-PC
# Boot Mode : Normal
# Kører fra : C:\Downloads\adwcleaner.exe
# Indstilling [Slet]


***** [Servicer] *****


***** [Filer / Mapper] *****

Filer Slettet : C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\rfki08v6.default\searchplugins\Askcom.xml
Mapper Slettet : C:\ProgramData\Ask
Mapper Slettet : C:\Users\Maus\AppData\LocalLow\AskToolbar
Mapper Slettet : C:\Users\Sven\AppData\Local\PackageAware
Mapper Slettet : C:\Users\Sven\AppData\Roaming\OpenCandy

***** [Registeret] *****

Nøgle Slettet : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16447

[OK] Registeret er rent.

-\\ Mozilla Firefox v [Kan ikke hente version]

Filer : C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\rfki08v6.default\prefs.js

Slettet : user_pref("browser.search.selectedEngine", "Ask.com");
Slettet : user_pref("browser.search.order.1", "Ask.com");
Slettet : user_pref("browser.search.defaultengine", "Ask.com");
Slettet : user_pref("browser.search.defaultenginename", "Ask.com");
Slettet : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]
Slettet : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v26.0.1410.43

Filer : C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Filen er ren.

*************************

AdwCleaner[S1].txt - [2067 octets] - [06/04/2013 00:27:16]

########## EOF - C:\AdwCleaner[S1].txt - [2127 octets] ##########

zu Schritt 3

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Sven on 06.04.2013 at  0:41:08,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\free download manager



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Sven\AppData\Roaming\software informer"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.04.2013 at  0:51:20,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zu Schritt 4

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
C:\Users\Sven\Desktop\AVASoft Professional Antivirus.lnk moved successfully.
C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVASoft Professional Antivirus folder moved successfully.
Folder C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2\ not found.
C:\Users\Sven\AppData\Roaming\TuneUp Software\TU2012\Dashboard folder moved successfully.
C:\Users\Sven\AppData\Roaming\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Users\Sven\AppData\Roaming\TuneUp Software\TU2012 folder moved successfully.
C:\Users\Sven\AppData\Roaming\TuneUp Software folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 58264 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Maus
->Temp folder emptied: 11303295 bytes
->Temporary Internet Files folder emptied: 31243135 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 57071 bytes
 
User: Public
 
User: Sven
->Temp folder emptied: 4493048806 bytes
->Temporary Internet Files folder emptied: 910218961 bytes
->Java cache emptied: 7015699 bytes
->FireFox cache emptied: 14977101 bytes
->Google Chrome cache emptied: 328307825 bytes
->Apple Safari cache emptied: 8555520 bytes
->Flash cache emptied: 62723 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1340064 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 438178202 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 102223 bytes
RecycleBin emptied: 1848229927 bytes
 
Total Files Cleaned = 7.718,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 04062013_011737

Files\Folders moved on Reboot...
C:\Users\Sven\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Zu Schritt 5:
extras.txt

Code:

ATTFilter

OTL Extras logfile created on: 06.04.2013 01:42:14 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Tyskland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,52 Gb Available Physical Memory | 26,17% Memory free
3,98 Gb Paging File | 2,25 Gb Available in Paging File | 56,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 49,05 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
Drive G: | 29,41 Mb Total Space | 25,35 Mb Free Space | 86,19% Space Free | Partition Type: FAT
Drive H: | 14,90 Gb Total Space | 6,83 Gb Free Space | 45,83% Space Free | Partition Type: FAT32
 
Computer Name: SVEN-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080F3DAE-99CD-4CED-BC31-40FE5DA7D4EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{0D7763AD-4E25-4A9B-A3D4-C634E945841A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0E49E8BF-D880-4B5A-AD19-FDC76AEE4A6D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{18B29922-6464-40F7-8830-384ADC32E891}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2C421F34-3AAD-4FC7-88E6-A8A0AC2273CE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{2E06D69A-9AA7-4808-B2B2-071809ECDF3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{32976D50-E56A-4B8A-9A5D-17E637981C52}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{34C6492F-68B4-4665-AA80-291CB6B2C41D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{46FB5134-365E-4C87-A5F3-B4198472E143}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5BA62470-F620-42B5-B753-E09B3D451F7B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5D7DCAC2-597A-4622-8769-7A26B5BA142E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{631EEE9C-C675-483B-B6F5-F534AA89957E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6840137C-1513-43CE-BB1B-9B41A83800D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6F1E3BB0-CE91-435A-ACE4-C4A08E0450BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{72C8463D-FA32-425E-9B79-BFE86BD41870}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7B646A5C-3671-40D1-9379-1D1ED15513C8}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{7BFCCF27-2A66-4D9D-9AB1-C1BFF4384C42}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{80495C4D-8827-45D4-8A50-050527910A5F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{84F0AFF0-0BF2-47F0-B568-B66D0C6B0678}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9F8AF6CA-AE02-4EC6-BF35-91F7AC12FB74}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A6062DC1-DE39-4935-B43C-5F4CB0828D6B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{ACDE4067-357F-42ED-B5EA-29605F6D9210}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{AD79C4A7-72FE-4F20-9B65-606DC2B72872}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B92EACAD-169D-4974-84C7-E23A7B958FD4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{CD7F4369-0DC6-41E9-B49A-844723D0D726}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E36C72B1-7AD1-4542-A677-321DFC65B87F}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FD18EF3F-79DB-4CC7-93BF-54FB080C2C83}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C79B09-7E6D-47D6-950A-3D6F6B0D7B45}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | 
"{05090626-A542-47A0-9E50-0C48FECEED23}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{0A9048B9-2C77-4DE6-AED2-88B7975E378B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{10286EF1-5FC8-4254-BBFF-4FAE441FE923}" = protocol=6 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"{17CFCC9A-E6A5-4549-B3E4-529ECD8319ED}" = protocol=6 | dir=out | app=system | 
"{1E2B3CBC-5659-4D71-B035-F31A662E5274}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{27B1886D-8A5A-4946-9059-DE217C4F1BEE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{3193D79E-260C-4DDC-9701-1E8C80C5C7C5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | 
"{33C51BF9-EC5B-4713-B0D3-34EA03CD1897}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3F678836-B07C-4785-B51B-FBEEFB4B9052}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{41411783-86CA-4F12-8A7D-C7D1DA45484B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{43204A2B-CC1E-46D3-B0F7-10B8DBF80702}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{525BA90F-9BAD-4A45-A546-0C2E90CF3318}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{56F942B6-C3EE-4EA7-B2F7-733B5C0E58F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5D6287A9-E1E1-4300-86A5-6F3D517FE800}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{61729FCD-34CB-499A-822A-A8EF6EC4848B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | 
"{6453FD17-D551-48D1-8946-2CF1F28C64F8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{67CADADB-86E9-40F0-8A31-EC82D967BFEC}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | 
"{6A6FD1D4-A4CF-45DF-BC3C-57DF4949CF35}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6F40AAC0-30B0-49EA-9830-9BD71CD0BD52}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{70C7E918-E6E6-4983-A726-4D64C6C58C34}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | 
"{7B9350ED-C215-4518-BD59-D3A07FEFB8B3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7EC22303-389E-4A57-AA07-6F9D008B037B}" = protocol=17 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8BAF8A59-474A-4A37-BEC4-15D32D4DF43A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{92380B61-77F7-46B6-8027-A1CEB8C90355}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9661686E-9233-4570-84EC-CB12FCC5ABFA}" = protocol=6 | dir=in | app=c:\ubisoft\silent hunter 5\sh5.exe | 
"{968D8035-5E87-42D8-BF1B-50F970118447}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9A799DBA-C1BA-4BAF-B3F8-ABD7CB1B6C50}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{A442D292-86D3-4193-B2A3-BD0FC958949D}" = protocol=17 | dir=in | app=c:\ubisoft\silent hunter 5\sh5.exe | 
"{A73C277D-6258-432B-933B-2342815A0045}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{AD18E185-0D7C-4142-812B-2D7EB2EF9021}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B0FA2B43-EB72-4FAC-8F6E-5ED7716F7277}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B39508FD-38BD-4DA4-95B3-24BE353480DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B5F48EC2-34A6-4A61-92E5-AB3055D22693}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B90EF88C-1CC4-4545-A6DE-4C3B46C93B0B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BC58FBE2-FBC3-4369-BA98-2AF24889E05D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C37C6EA7-3AA5-434F-B3CE-C80588CBE0B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CD2F3662-E6B0-461B-904B-C2BC1972399B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D1EF402A-9CBB-4009-8162-EC6527515B97}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D6111495-32C5-4B81-B51C-F47128751042}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | 
"{D7B2FFCA-052D-4BDC-AFE7-F6CFE2A16245}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | 
"{DD4E8701-D547-45FD-8CE5-96BCFAE888AC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E0E20085-D7B1-4179-AB77-80EF1C900B49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F87D10A7-9944-4FD8-93F2-C2B38CF70550}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{F9A33EDD-4AA0-4D17-AEC6-1A5CC1EB0595}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{FF2BCAC8-6E78-4A39-9BE9-BECFF2310E2B}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | 
"TCP Query User{BFC62941-92D5-496F-AA75-72BAADCED752}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"TCP Query User{C79F50E3-9A34-4C2D-967B-B31BF9069CF5}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"TCP Query User{CABEDEA9-B307-4A71-BFAA-8580022B8933}C:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{9DE4242D-FA99-4B42-85DF-397D72F5A1E8}C:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{DB8D545C-8EDE-4E40-A177-BCB5DC0D7D44}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"UDP Query User{EC0A3E1E-61AF-4AFC-AFC7-8ECA7D02C46E}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Treiber
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AA72DFB8-BA38-49C9-B5A4-A95FD62641F8}" = BOINC
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83E9BF0-B8D8-3D68-9E07-7505290C2202}" = Microsoft .NET Framework 4 Client Profile DAN Language Pack
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"AutopanoGiga2.5" = Kolor Autopano Giga 2.5
"Creative VF0250" = Creative Live! Cam Notebook Pro Driver (1.02.06.0627)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-driverpakke - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DAN Language Pack" = Microsoft .NET Framework 4 Client Profile DAN sprogpakke
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 39
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2F3082BF-4A3B-45CA-805F-52DBBFD3C645}" = Windows Live Essentials
"{2FAA2415-618E-4EC0-8253-3CDA076C84D6}" = AquaSoft DiaShow 7 Ultimate
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DC9BFC1-AF45-47F6-B696-28C8BEC3D12B}_is1" = Bildschutz Pro 3.01
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49DC7D87-B9F9-4782-9386-B7F13BC75E48}" = Adobe Creative Suite 5 Design Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{52FEFA2C-F1E7-44D3-8C31-BFADB45E9FC8}" = Nokia Internet Modem
"{592ED299-14EF-4C0E-93B4-B687CD5A2EBE}_is1" = posterXXL.de Bestellsoftware 4.80
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D80B6D8-C7FC-C635-B3D2-1DFE9BEE890D}" = TiltShiftGenerator: artandmobile.com
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6FAB7C8A-F677-41D9-8841-62D92B8002DA}" = Extensis Suitcase Fusion 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{7764F7B0-7225-4145-82B6-2AB4540D33A6}" = Eye-Fi Center 3.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A8C4EAC-9AB7-45FA-9480-5716FD261030}" = Nero 7 Essentials
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94B8F069-F223-4F48-BC88-7104CBA77F30}" = Windows Live Messenger
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96BF7ECE-A88D-0ECF-089D-7307A160C095}" = Photo Gallery Builder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube"
"{9F9BE2A8-2FA2-438E-934B-6F237B641167}" = Cooliris for Internet Explorer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB63F0FF-B184-48B4-8365-1C7C938E1177}" = KingBill 2011
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD1C7ACE-30DC-4107-B6A7-9495D12DC846}" = TinEye Internet Explorer plugin 1.2
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BFD09E5B-6D40-4CAD-A349-103BFEF1C574}" = Windows Live Mail
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CC23FF9A-989C-4DEB-8970-50E6E4862315}" = EOSInfo
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E5E54037-31CD-4EBD-9211-4C384F4E7E79}" = e-Safekey
"{E7EADF4C-C40F-467E-96E3-7E62C9CDC079}" = AquaSoft DiaShow 6 for YouTube
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9CD0190-4A88-49B4-88C5-CFF9CD2723F0}" = OpenOffice.org 3.1
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced Video FX Engine" = Advanced Video FX Engine
"APU" = CANON iMAGE GATEWAY Album Plugin Utility
"AquaSoft DiaShow 6 for YouTube" = AquaSoft DiaShow 6 for YouTube
"AquaSoft DiaShow 7 Ultimate" = AquaSoft DiaShow 7 Ultimate
"Avira AntiVir Desktop" = Avira Free Antivirus
"Benutzerhandbuch für Creative Live! Cam Notebook Pro German" = Benutzerhandbuch für Creative Live! Cam Notebook Pro (Deutsch)
"BookSmart® 3.2.5 3.2.5" = BookSmart® 3.2.5 3.2.5
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP4600 series Brugerregistrering" = Canon iP4600 series Brugerregistrering
"Canon MX880 series Brugerregistrering" = Canon MX880 series Brugerregistrering
"Canon RAW Codec" = Canon RAW Codec
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"com.flashgallerycom.photoGalleryBuilder.BE456FDD426FDC61C9F8B47A33E5FBCFF9D5695C.1" = Photo Gallery Builder
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Dfine 2.0" = Dfine 2.0
"Digital Photo Professional" = Canon Utilities Digital Photo Professional 3.11
"Digital Signatur" = Digital Signatur
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"FileZilla Client" = FileZilla Client 3.5.3
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Free MP4 Video Converter_is1" = Free MP4 Video Converter version 5.0.15.706
"Hugin" = Hugin 2010.4.0
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"My Pictures Editor_is1" = Photo! 3D Album and Photo! 3D ScreenSaver 1.2
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Panoweaver700_std_is1" = Panoweaver Standard Edition
"Photo! Web Album_is1" = Photo! Web Album 1.2
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Sharpener Pro 3.0" = Sharpener Pro 3.0
"Sierra Utilities" = Sierra Utilities
"SightSpeed" = SightSpeed (remove only)
"Silver Efex Pro" = Silver Efex Pro
"Speed Dial Utility" = Canon Tastopkaldsfunktion
"Spyder3Express" = Spyder3Express
"SysInfo" = Creative-Systeminformationen
"TeamViewer 6" = TeamViewer 6
"TiltShift.E66C440A17F1D70FFD66FDB4568328647297CFDC.1" = TiltShiftGenerator: artandmobile.com
"Viveza 2" = Viveza 2
"VLC media player" = VLC media player 1.1.9
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"ZonerPhotoStudio11_DE_is1" = Zoner Photo Studio 11
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.04.2013 19:01:03 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
[ System Events ]
Error - 05.04.2013 19:24:32 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 05.04.2013 19:26:59 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 05.04.2013 19:27:00 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:00 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
 
< End of report >

und OTL.txt

Code:

ATTFilter

OTL logfile created on: 06.04.2013 01:42:14 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Tyskland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,52 Gb Available Physical Memory | 26,17% Memory free
3,98 Gb Paging File | 2,25 Gb Available in Paging File | 56,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 49,05 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
Drive G: | 29,41 Mb Total Space | 25,35 Mb Free Space | 86,19% Space Free | Partition Type: FAT
Drive H: | 14,90 Gb Total Space | 6,83 Gb Free Space | 45,83% Space Free | Partition Type: FAT32
 
Computer Name: SVEN-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.04 21:26:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe
PRC - [2013.03.27 17:43:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.27 17:43:11 | 000,083,680 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\ipmGui.exe
PRC - [2013.03.27 17:43:02 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.27 17:43:02 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.17 19:08:22 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.02.13 13:35:34 | 001,393,744 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.10 20:35:14 | 000,510,976 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.enigmaathome.net\wrapper_5.32_windows_intelx86.exe
PRC - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\1\enigma_0.76.exe
PRC - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\0\enigma_0.76.exe
PRC - [2011.12.22 00:11:26 | 003,961,464 | ---- | M] (Eye-Fi, Inc.) -- C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe
PRC - [2011.01.27 17:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.11.02 21:32:28 | 000,138,440 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
PRC - [2010.09.14 18:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2009.12.18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2009.08.11 12:19:48 | 006,798,714 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
PRC - [2008.08.28 19:34:14 | 013,145,448 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe
PRC - [2006.06.09 01:11:00 | 000,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006.06.07 19:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0250Mon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.13 13:36:30 | 002,980,944 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wcore13.dll
MOD - [2013.02.13 13:35:44 | 006,758,480 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wkont13.dll
MOD - [2013.02.13 13:35:38 | 001,313,872 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wfabu13.dll
MOD - [2013.02.13 13:35:34 | 001,393,744 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
MOD - [2013.02.13 13:35:30 | 002,152,528 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wfvie13.dll
MOD - [2013.02.13 13:35:29 | 001,230,848 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wimp13.dll
MOD - [2013.02.13 13:35:28 | 001,467,984 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wmain13.dll
MOD - [2013.02.13 13:35:26 | 000,136,272 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsodbc48.dll
MOD - [2013.02.13 13:35:25 | 001,310,800 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wwerb13.dll
MOD - [2013.02.13 13:35:24 | 001,202,768 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\whau213.dll
MOD - [2013.02.13 13:35:24 | 001,150,032 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\whau113.dll
MOD - [2013.02.13 13:35:24 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsdcom48.dll
MOD - [2013.02.13 13:35:23 | 004,923,984 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae113.dll
MOD - [2013.02.13 13:35:20 | 001,747,024 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae313.dll
MOD - [2013.02.13 13:35:20 | 001,556,048 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae413.dll
MOD - [2013.02.13 13:35:19 | 001,367,632 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae213.dll
MOD - [2013.02.13 13:35:06 | 008,907,856 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wgui13.dll
MOD - [2013.02.13 13:34:43 | 001,716,304 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wreli13.dll
MOD - [2013.02.13 13:34:42 | 001,604,176 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wsteu13.dll
MOD - [2013.02.13 13:34:41 | 000,321,104 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsguiwinapi48.dll
MOD - [2013.02.13 13:34:39 | 000,308,816 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rscorewinapi48.dll
MOD - [2013.02.12 13:25:57 | 004,128,848 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wauff13.dll
MOD - [2013.02.12 13:03:49 | 001,041,408 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-core.dll
MOD - [2013.02.12 13:03:49 | 000,251,392 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
MOD - [2013.02.12 13:03:49 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-shared.dll
MOD - [2012.11.10 20:35:14 | 000,510,976 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.enigmaathome.net\wrapper_5.32_windows_intelx86.exe
MOD - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\1\enigma_0.76.exe
MOD - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\0\enigma_0.76.exe
MOD - [2011.12.22 00:05:12 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\Locales\de\Helper.dll
MOD - [2011.12.21 23:59:12 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libexif.dll
MOD - [2011.12.21 23:56:16 | 000,209,408 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libopenraw.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.02 21:33:02 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryGeneric.plugin
MOD - [2010.11.02 21:33:02 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryNdis.plugin
MOD - [2010.11.02 21:32:30 | 001,048,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxmsw28u_core_vc_custom.dll
MOD - [2010.11.02 21:32:30 | 000,759,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\UIToolkit.dll
MOD - [2010.11.02 21:32:30 | 000,726,528 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxbase28u_vc_custom.dll
MOD - [2010.11.02 21:32:30 | 000,506,368 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Toolkit.dll
MOD - [2010.11.02 21:32:28 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\pcre3.dll
MOD - [2010.11.02 21:32:28 | 000,138,440 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
MOD - [2010.11.02 21:32:28 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Preferences.dll
MOD - [2010.11.02 21:32:26 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Device.dll
MOD - [2010.11.02 21:32:26 | 000,246,784 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DB.dll
MOD - [2010.11.02 21:32:26 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Discovery.dll
MOD - [2010.11.02 21:32:26 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DriveDetector.dll
MOD - [2010.11.02 21:32:24 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ComCore.dll
MOD - [2009.08.11 12:19:48 | 006,798,714 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
MOD - [2009.08.11 12:19:48 | 000,897,024 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\RBScript.dll
MOD - [2009.08.11 12:19:48 | 000,762,368 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\XML.dll
MOD - [2009.08.11 12:19:48 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\CGamma.dll
MOD - [2009.08.11 12:19:48 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\RegEx.dll
MOD - [2009.08.11 12:19:48 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\Appearance Pak.dll
MOD - [2009.08.11 12:19:48 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\CSensor.dll
MOD - [2009.08.11 12:19:48 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\Shell.dll
MOD - [2009.08.11 12:19:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\MBSRegistrationPlugin16042.dll
MOD - [2009.08.11 12:19:48 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin16042.dll
MOD - [2008.08.28 16:54:56 | 000,891,904 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\FileInfo.dll
MOD - [2008.08.28 16:54:56 | 000,502,272 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMPFiles.dll
MOD - [2008.08.28 16:54:56 | 000,424,960 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMP.dll
MOD - [2008.08.28 16:53:58 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Symlib.dll
MOD - [2008.08.28 16:47:50 | 002,748,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\LIBMYSQLD.dll
MOD - [2006.06.09 16:48:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\EyeCatcherEx.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010.04.10 19:30:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.03.27 17:43:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.27 17:43:02 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.17 20:08:22 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.05.29 13:25:58 | 000,080,256 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011.01.27 17:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010.04.10 19:30:26 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2009.10.27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.27 17:43:15 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.27 17:43:15 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.27 17:43:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.15 21:21:32 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.04.22 16:07:26 | 000,098,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cdc_acm.sys -- (nokia_cs1x_cdc_acm)
DRV:64bit: - [2010.04.22 16:07:26 | 000,097,280 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nokia_cs1x_dc_enum.sys -- (nokia_cs1x_dc_enum)
DRV:64bit: - [2010.04.22 16:07:26 | 000,053,760 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cdc_ecm.sys -- (nokia_cs1x_cdc_ecm)
DRV:64bit: - [2010.04.22 16:07:26 | 000,013,824 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cpo.sys -- (nokia_cs1x_cpo)
DRV:64bit: - [2010.04.19 20:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2009.10.22 15:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009.10.22 15:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2009.10.06 11:56:34 | 000,172,544 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2009.10.06 11:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009.10.06 11:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2009.10.06 11:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009.10.06 11:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009.09.23 19:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.09.08 18:26:20 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2006.06.27 05:17:14 | 000,219,328 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0250Dev.sys -- (V0250Dev)
DRV:64bit: - [2006.05.05 08:14:04 | 000,010,752 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0250Vfx.sys -- (V0250Vfx)
DRV:64bit: - [2005.09.24 00:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://dk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 37 CD EB C8 6E CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9A06E93B-73F6-4FAA-9765-B567D0542B62}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{612A4701-C1F5-45AC-8B86-9C46516883FD}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=8CF3F8FB-5BA0-4A89-B200-3A336220F72E&apn_sauid=90D25B16-8F3F-4013-A8E3-AA320D6BE642
IE - HKCU\..\SearchScopes\{9A06E93B-73F6-4FAA-9765-B567D0542B62}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/|hxxp://www.fotorausch.dk/|hxxp://www.mygall.net/memberaccount.php"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..browser.startup.homepage: "hxxp://www.hiergehtslos.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/CCBPL: C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll (Canon Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sven\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sven\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
 
[2010.05.15 22:08:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2012.11.05 13:33:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\rfki08v6.default\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.4.2_0\
CHR - Extension: Google Mail = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2010.02.12 23:24:15 | 000,000,884 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.255.255.255 activate.adobe.com practivate.adobe.com 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Reg Error: Value error.) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NokiaInternetModem_AppStart.exe] C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [V0250Cfg.exe] C:\Windows\V0250Cfg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [V0250Mon.exe] C:\Windows\V0250Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.)
O4 - HKCU..\Run: [Eye-Fi] C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe (Eye-Fi, Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk = C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Download alle med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Download med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Download valgte med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Search Image on TinEye - C:\Users\Sven\Documents\TinEye IE Plugin\TinEye.js ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Download alle med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download valgte med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Search Image on TinEye - C:\Users\Sven\Documents\TinEye IE Plugin\TinEye.js ()
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: danid.dk ([]http in Trusted sites)
O15:64bit: - ..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danskebank.dk ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} hxxp://iloapp.fotorausch.dk/gallery/executable/IlosoftMultipleImageUpload.dll (IlosoftMultipleImageCtrl Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://dkbn.dk/imageuploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} hxxp://217.7.212.168/cab/OCXChecker_8320.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45940A75-94BF-43AF-8967-DDA36A417BEF}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF1AB261-E711-4693-8DA5-3FEF65A44F1E}: DhcpNameServer = 62.44.166.69 62.44.166.197
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE45C950-FFDD-47DD-9CF8-4B8539479346}: DhcpNameServer = 194.239.134.83 193.162.153.164
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.06 01:17:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.04.06 00:41:04 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.06 00:40:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.04 20:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.04 20:23:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.04 20:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.04 20:08:30 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\rkill
[2013.04.04 20:08:18 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Sven\Desktop\Maus.exe.com
[2013.04.04 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2
[2013.03.27 17:43:39 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.27 17:43:39 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.27 17:43:39 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.06 01:33:38 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 01:33:38 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 01:25:56 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.06 01:24:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 01:24:15 | 1602,985,984 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.06 01:13:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4227535391-2076138595-3690493484-1000UA.job
[2013.04.06 01:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.06 00:48:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.05 02:11:21 | 000,053,816 | ---- | M] () -- C:\Users\Sven\Desktop\gmer.zip
[2013.04.04 20:32:16 | 000,000,136 | ---- | M] () -- C:\Windows\SIERRA.INI
[2013.04.04 20:23:31 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.04 20:14:14 | 000,000,000 | ---- | M] () -- C:\Users\Sven\Desktop\Maus.exe64.com
[2013.04.04 20:08:21 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Sven\Desktop\Maus.exe.com
[2013.04.04 19:35:33 | 000,037,722 | ---- | M] () -- C:\Users\Sven\Desktop\colorbeauty5.jpg
[2013.04.04 13:13:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4227535391-2076138595-3690493484-1000Core.job
[2013.04.03 22:02:14 | 001,373,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.03 22:02:14 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.03 22:02:14 | 000,507,212 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013.04.03 22:02:14 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.03 22:02:14 | 000,097,474 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013.04.01 21:14:13 | 000,002,362 | ---- | M] () -- C:\Users\Sven\Desktop\Google Chrome.lnk
[2013.03.31 22:31:51 | 000,760,437 | ---- | M] () -- C:\Users\Sven\Desktop\Daten-und-Fakten-2_2012.pdf
[2013.03.28 21:32:18 | 000,001,047 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.03.27 17:43:15 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.27 17:43:15 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.27 17:43:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.25 19:00:53 | 000,004,135 | ---- | M] () -- C:\Users\Sven\Desktop\Modelrelease_de Fineartprints.pdf
[2013.03.17 20:08:21 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.17 20:08:21 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.09 02:26:09 | 000,015,384 | ---- | M] () -- C:\Users\Sven\Documents\kameraaufbau.odt
 
========== Files Created - No Company Name ==========
 
[2013.04.05 02:11:20 | 000,053,816 | ---- | C] () -- C:\Users\Sven\Desktop\gmer.zip
[2013.04.04 20:23:31 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.04 20:14:14 | 000,000,000 | ---- | C] () -- C:\Users\Sven\Desktop\Maus.exe64.com
[2013.04.04 19:37:54 | 000,037,722 | ---- | C] () -- C:\Users\Sven\Desktop\colorbeauty5.jpg
[2013.03.31 22:31:51 | 000,760,437 | ---- | C] () -- C:\Users\Sven\Desktop\Daten-und-Fakten-2_2012.pdf
[2013.03.25 19:00:52 | 000,004,135 | ---- | C] () -- C:\Users\Sven\Desktop\Modelrelease_de Fineartprints.pdf
[2013.03.09 02:26:08 | 000,015,384 | ---- | C] () -- C:\Users\Sven\Documents\kameraaufbau.odt
[2013.02.26 13:10:19 | 000,000,638 | ---- | C] () -- C:\Windows\wiso.ini
[2012.12.16 23:30:26 | 000,177,908 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4794.jpg
[2012.12.16 23:29:54 | 000,194,379 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4793.jpg
[2012.12.16 23:29:40 | 000,141,784 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4792.jpg
[2012.09.09 19:16:29 | 000,000,136 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.09.26 23:06:34 | 000,019,926 | -H-- | C] () -- C:\Users\Sven\ZbThumbnail.info
[2011.07.08 21:36:21 | 000,080,256 | ---- | C] () -- C:\Windows\SysWow64\ezGOSvc.dll
[2011.06.22 21:12:06 | 000,876,278 | ---- | C] () -- C:\Users\Sven\fv.jpg
[2011.06.22 21:12:06 | 000,603,243 | ---- | C] () -- C:\Users\Sven\cxch.jpg
[2011.02.13 18:19:26 | 000,000,268 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\.ptbt0
[2011.02.13 15:56:33 | 000,007,671 | ---- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2010.09.05 10:10:30 | 000,033,134 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\UserTile.png
[2010.04.11 17:32:44 | 000,018,967 | ---- | C] () -- C:\Users\Sven\.recently-used.xbel
[2010.01.29 20:10:50 | 000,012,800 | ---- | C] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.14 20:16:46 | 000,000,000 | ---- | C] () -- C:\Users\Sven\temp.dat
[2009.11.26 22:04:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Sven Rausch · 06.04.2013, 11:31

Zu Schritt 5

otl.txt

Code:

ATTFilter

OTL logfile created on: 06.04.2013 01:42:14 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Tyskland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,52 Gb Available Physical Memory | 26,17% Memory free
3,98 Gb Paging File | 2,25 Gb Available in Paging File | 56,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 49,05 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
Drive G: | 29,41 Mb Total Space | 25,35 Mb Free Space | 86,19% Space Free | Partition Type: FAT
Drive H: | 14,90 Gb Total Space | 6,83 Gb Free Space | 45,83% Space Free | Partition Type: FAT32
 
Computer Name: SVEN-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.04 21:26:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe
PRC - [2013.03.27 17:43:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.27 17:43:11 | 000,083,680 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\ipmGui.exe
PRC - [2013.03.27 17:43:02 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.27 17:43:02 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.17 19:08:22 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.02.13 13:35:34 | 001,393,744 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.10 20:35:14 | 000,510,976 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.enigmaathome.net\wrapper_5.32_windows_intelx86.exe
PRC - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\1\enigma_0.76.exe
PRC - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\0\enigma_0.76.exe
PRC - [2011.12.22 00:11:26 | 003,961,464 | ---- | M] (Eye-Fi, Inc.) -- C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe
PRC - [2011.01.27 17:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.11.02 21:32:28 | 000,138,440 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
PRC - [2010.09.14 18:09:52 | 001,213,848 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2009.12.18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2009.08.11 12:19:48 | 006,798,714 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
PRC - [2008.08.28 19:34:14 | 013,145,448 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe
PRC - [2006.06.09 01:11:00 | 000,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006.06.07 19:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0250Mon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.13 13:36:30 | 002,980,944 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wcore13.dll
MOD - [2013.02.13 13:35:44 | 006,758,480 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wkont13.dll
MOD - [2013.02.13 13:35:38 | 001,313,872 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wfabu13.dll
MOD - [2013.02.13 13:35:34 | 001,393,744 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
MOD - [2013.02.13 13:35:30 | 002,152,528 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wfvie13.dll
MOD - [2013.02.13 13:35:29 | 001,230,848 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wimp13.dll
MOD - [2013.02.13 13:35:28 | 001,467,984 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wmain13.dll
MOD - [2013.02.13 13:35:26 | 000,136,272 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsodbc48.dll
MOD - [2013.02.13 13:35:25 | 001,310,800 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wwerb13.dll
MOD - [2013.02.13 13:35:24 | 001,202,768 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\whau213.dll
MOD - [2013.02.13 13:35:24 | 001,150,032 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\whau113.dll
MOD - [2013.02.13 13:35:24 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsdcom48.dll
MOD - [2013.02.13 13:35:23 | 004,923,984 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae113.dll
MOD - [2013.02.13 13:35:20 | 001,747,024 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae313.dll
MOD - [2013.02.13 13:35:20 | 001,556,048 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae413.dll
MOD - [2013.02.13 13:35:19 | 001,367,632 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae213.dll
MOD - [2013.02.13 13:35:06 | 008,907,856 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wgui13.dll
MOD - [2013.02.13 13:34:43 | 001,716,304 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wreli13.dll
MOD - [2013.02.13 13:34:42 | 001,604,176 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wsteu13.dll
MOD - [2013.02.13 13:34:41 | 000,321,104 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rsguiwinapi48.dll
MOD - [2013.02.13 13:34:39 | 000,308,816 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\rscorewinapi48.dll
MOD - [2013.02.12 13:25:57 | 004,128,848 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\wauff13.dll
MOD - [2013.02.12 13:03:49 | 001,041,408 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-core.dll
MOD - [2013.02.12 13:03:49 | 000,251,392 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
MOD - [2013.02.12 13:03:49 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-shared.dll
MOD - [2012.11.10 20:35:14 | 000,510,976 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.enigmaathome.net\wrapper_5.32_windows_intelx86.exe
MOD - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\1\enigma_0.76.exe
MOD - [2012.11.10 20:35:12 | 000,057,856 | ---- | M] () -- C:\ProgramData\BOINC\slots\0\enigma_0.76.exe
MOD - [2011.12.22 00:05:12 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\Locales\de\Helper.dll
MOD - [2011.12.21 23:59:12 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libexif.dll
MOD - [2011.12.21 23:56:16 | 000,209,408 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libopenraw.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.02 21:33:02 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryGeneric.plugin
MOD - [2010.11.02 21:33:02 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryNdis.plugin
MOD - [2010.11.02 21:32:30 | 001,048,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxmsw28u_core_vc_custom.dll
MOD - [2010.11.02 21:32:30 | 000,759,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\UIToolkit.dll
MOD - [2010.11.02 21:32:30 | 000,726,528 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxbase28u_vc_custom.dll
MOD - [2010.11.02 21:32:30 | 000,506,368 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Toolkit.dll
MOD - [2010.11.02 21:32:28 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\pcre3.dll
MOD - [2010.11.02 21:32:28 | 000,138,440 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
MOD - [2010.11.02 21:32:28 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Preferences.dll
MOD - [2010.11.02 21:32:26 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Device.dll
MOD - [2010.11.02 21:32:26 | 000,246,784 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DB.dll
MOD - [2010.11.02 21:32:26 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\Discovery.dll
MOD - [2010.11.02 21:32:26 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\DriveDetector.dll
MOD - [2010.11.02 21:32:24 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Internet Modem\ComCore.dll
MOD - [2009.08.11 12:19:48 | 006,798,714 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
MOD - [2009.08.11 12:19:48 | 000,897,024 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\RBScript.dll
MOD - [2009.08.11 12:19:48 | 000,762,368 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\XML.dll
MOD - [2009.08.11 12:19:48 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\CGamma.dll
MOD - [2009.08.11 12:19:48 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\RegEx.dll
MOD - [2009.08.11 12:19:48 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\Appearance Pak.dll
MOD - [2009.08.11 12:19:48 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\CSensor.dll
MOD - [2009.08.11 12:19:48 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\Shell.dll
MOD - [2009.08.11 12:19:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\MBSRegistrationPlugin16042.dll
MOD - [2009.08.11 12:19:48 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin16042.dll
MOD - [2008.08.28 16:54:56 | 000,891,904 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\FileInfo.dll
MOD - [2008.08.28 16:54:56 | 000,502,272 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMPFiles.dll
MOD - [2008.08.28 16:54:56 | 000,424,960 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\AdobeXMP.dll
MOD - [2008.08.28 16:53:58 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Symlib.dll
MOD - [2008.08.28 16:47:50 | 002,748,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\LIBMYSQLD.dll
MOD - [2006.06.09 16:48:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\EyeCatcherEx.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010.04.10 19:30:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.03.27 17:43:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.27 17:43:02 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.17 20:08:22 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.05.29 13:25:58 | 000,080,256 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011.01.27 17:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.07.27 02:44:03 | 000,137,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010.04.10 19:30:26 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.18 11:58:28 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2009.10.27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.27 17:43:15 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.27 17:43:15 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.27 17:43:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.15 21:21:32 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.04.22 16:07:26 | 000,098,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cdc_acm.sys -- (nokia_cs1x_cdc_acm)
DRV:64bit: - [2010.04.22 16:07:26 | 000,097,280 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nokia_cs1x_dc_enum.sys -- (nokia_cs1x_dc_enum)
DRV:64bit: - [2010.04.22 16:07:26 | 000,053,760 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cdc_ecm.sys -- (nokia_cs1x_cdc_ecm)
DRV:64bit: - [2010.04.22 16:07:26 | 000,013,824 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokia_cs1x_cpo.sys -- (nokia_cs1x_cpo)
DRV:64bit: - [2010.04.19 20:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2009.10.22 15:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009.10.22 15:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2009.10.06 11:56:34 | 000,172,544 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2009.10.06 11:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009.10.06 11:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2009.10.06 11:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009.10.06 11:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009.09.23 19:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.09.08 18:26:20 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2006.06.27 05:17:14 | 000,219,328 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0250Dev.sys -- (V0250Dev)
DRV:64bit: - [2006.05.05 08:14:04 | 000,010,752 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0250Vfx.sys -- (V0250Vfx)
DRV:64bit: - [2005.09.24 00:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://dk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 37 CD EB C8 6E CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9A06E93B-73F6-4FAA-9765-B567D0542B62}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{612A4701-C1F5-45AC-8B86-9C46516883FD}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=8CF3F8FB-5BA0-4A89-B200-3A336220F72E&apn_sauid=90D25B16-8F3F-4013-A8E3-AA320D6BE642
IE - HKCU\..\SearchScopes\{9A06E93B-73F6-4FAA-9765-B567D0542B62}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/|hxxp://www.fotorausch.dk/|hxxp://www.mygall.net/memberaccount.php"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..browser.startup.homepage: "hxxp://www.hiergehtslos.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/CCBPL: C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll (Canon Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sven\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sven\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
 
[2010.05.15 22:08:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2012.11.05 13:33:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\rfki08v6.default\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.4.2_0\
CHR - Extension: Google Mail = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2010.02.12 23:24:15 | 000,000,884 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.255.255.255 activate.adobe.com practivate.adobe.com 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Reg Error: Value error.) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NokiaInternetModem_AppStart.exe] C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [V0250Cfg.exe] C:\Windows\V0250Cfg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [V0250Mon.exe] C:\Windows\V0250Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.)
O4 - HKCU..\Run: [Eye-Fi] C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe (Eye-Fi, Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk = C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Download alle med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Download med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Download valgte med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Search Image on TinEye - C:\Users\Sven\Documents\TinEye IE Plugin\TinEye.js ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Download alle med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download valgte med Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Search Image on TinEye - C:\Users\Sven\Documents\TinEye IE Plugin\TinEye.js ()
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: danid.dk ([]http in Trusted sites)
O15:64bit: - ..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danskebank.dk ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} hxxp://iloapp.fotorausch.dk/gallery/executable/IlosoftMultipleImageUpload.dll (IlosoftMultipleImageCtrl Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://dkbn.dk/imageuploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} hxxp://217.7.212.168/cab/OCXChecker_8320.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45940A75-94BF-43AF-8967-DDA36A417BEF}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF1AB261-E711-4693-8DA5-3FEF65A44F1E}: DhcpNameServer = 62.44.166.69 62.44.166.197
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE45C950-FFDD-47DD-9CF8-4B8539479346}: DhcpNameServer = 194.239.134.83 193.162.153.164
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.06 01:17:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.04.06 00:41:04 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.06 00:40:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.04 20:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.04 20:23:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.04 20:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.04 20:08:30 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\rkill
[2013.04.04 20:08:18 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Sven\Desktop\Maus.exe.com
[2013.04.04 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2
[2013.03.27 17:43:39 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.27 17:43:39 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.27 17:43:39 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.06 01:33:38 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 01:33:38 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 01:25:56 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.06 01:24:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 01:24:15 | 1602,985,984 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.06 01:13:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4227535391-2076138595-3690493484-1000UA.job
[2013.04.06 01:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.06 00:48:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.05 02:11:21 | 000,053,816 | ---- | M] () -- C:\Users\Sven\Desktop\gmer.zip
[2013.04.04 20:32:16 | 000,000,136 | ---- | M] () -- C:\Windows\SIERRA.INI
[2013.04.04 20:23:31 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.04 20:14:14 | 000,000,000 | ---- | M] () -- C:\Users\Sven\Desktop\Maus.exe64.com
[2013.04.04 20:08:21 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Sven\Desktop\Maus.exe.com
[2013.04.04 19:35:33 | 000,037,722 | ---- | M] () -- C:\Users\Sven\Desktop\colorbeauty5.jpg
[2013.04.04 13:13:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4227535391-2076138595-3690493484-1000Core.job
[2013.04.03 22:02:14 | 001,373,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.03 22:02:14 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.03 22:02:14 | 000,507,212 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013.04.03 22:02:14 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.03 22:02:14 | 000,097,474 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013.04.01 21:14:13 | 000,002,362 | ---- | M] () -- C:\Users\Sven\Desktop\Google Chrome.lnk
[2013.03.31 22:31:51 | 000,760,437 | ---- | M] () -- C:\Users\Sven\Desktop\Daten-und-Fakten-2_2012.pdf
[2013.03.28 21:32:18 | 000,001,047 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.03.27 17:43:15 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.27 17:43:15 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.27 17:43:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.25 19:00:53 | 000,004,135 | ---- | M] () -- C:\Users\Sven\Desktop\Modelrelease_de Fineartprints.pdf
[2013.03.17 20:08:21 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.17 20:08:21 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.09 02:26:09 | 000,015,384 | ---- | M] () -- C:\Users\Sven\Documents\kameraaufbau.odt
 
========== Files Created - No Company Name ==========
 
[2013.04.05 02:11:20 | 000,053,816 | ---- | C] () -- C:\Users\Sven\Desktop\gmer.zip
[2013.04.04 20:23:31 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.04 20:14:14 | 000,000,000 | ---- | C] () -- C:\Users\Sven\Desktop\Maus.exe64.com
[2013.04.04 19:37:54 | 000,037,722 | ---- | C] () -- C:\Users\Sven\Desktop\colorbeauty5.jpg
[2013.03.31 22:31:51 | 000,760,437 | ---- | C] () -- C:\Users\Sven\Desktop\Daten-und-Fakten-2_2012.pdf
[2013.03.25 19:00:52 | 000,004,135 | ---- | C] () -- C:\Users\Sven\Desktop\Modelrelease_de Fineartprints.pdf
[2013.03.09 02:26:08 | 000,015,384 | ---- | C] () -- C:\Users\Sven\Documents\kameraaufbau.odt
[2013.02.26 13:10:19 | 000,000,638 | ---- | C] () -- C:\Windows\wiso.ini
[2012.12.16 23:30:26 | 000,177,908 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4794.jpg
[2012.12.16 23:29:54 | 000,194,379 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4793.jpg
[2012.12.16 23:29:40 | 000,141,784 | ---- | C] () -- C:\Users\Sven\20121216-_MG_4792.jpg
[2012.09.09 19:16:29 | 000,000,136 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.09.26 23:06:34 | 000,019,926 | -H-- | C] () -- C:\Users\Sven\ZbThumbnail.info
[2011.07.08 21:36:21 | 000,080,256 | ---- | C] () -- C:\Windows\SysWow64\ezGOSvc.dll
[2011.06.22 21:12:06 | 000,876,278 | ---- | C] () -- C:\Users\Sven\fv.jpg
[2011.06.22 21:12:06 | 000,603,243 | ---- | C] () -- C:\Users\Sven\cxch.jpg
[2011.02.13 18:19:26 | 000,000,268 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\.ptbt0
[2011.02.13 15:56:33 | 000,007,671 | ---- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2010.09.05 10:10:30 | 000,033,134 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\UserTile.png
[2010.04.11 17:32:44 | 000,018,967 | ---- | C] () -- C:\Users\Sven\.recently-used.xbel
[2010.01.29 20:10:50 | 000,012,800 | ---- | C] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.14 20:16:46 | 000,000,000 | ---- | C] () -- C:\Users\Sven\temp.dat
[2009.11.26 22:04:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

extras.txt

Code:

ATTFilter

OTL Extras logfile created on: 06.04.2013 01:42:14 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Tyskland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,52 Gb Available Physical Memory | 26,17% Memory free
3,98 Gb Paging File | 2,25 Gb Available in Paging File | 56,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 49,05 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
Drive G: | 29,41 Mb Total Space | 25,35 Mb Free Space | 86,19% Space Free | Partition Type: FAT
Drive H: | 14,90 Gb Total Space | 6,83 Gb Free Space | 45,83% Space Free | Partition Type: FAT32
 
Computer Name: SVEN-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080F3DAE-99CD-4CED-BC31-40FE5DA7D4EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{0D7763AD-4E25-4A9B-A3D4-C634E945841A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0E49E8BF-D880-4B5A-AD19-FDC76AEE4A6D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{18B29922-6464-40F7-8830-384ADC32E891}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2C421F34-3AAD-4FC7-88E6-A8A0AC2273CE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{2E06D69A-9AA7-4808-B2B2-071809ECDF3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{32976D50-E56A-4B8A-9A5D-17E637981C52}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{34C6492F-68B4-4665-AA80-291CB6B2C41D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{46FB5134-365E-4C87-A5F3-B4198472E143}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5BA62470-F620-42B5-B753-E09B3D451F7B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5D7DCAC2-597A-4622-8769-7A26B5BA142E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{631EEE9C-C675-483B-B6F5-F534AA89957E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6840137C-1513-43CE-BB1B-9B41A83800D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6F1E3BB0-CE91-435A-ACE4-C4A08E0450BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{72C8463D-FA32-425E-9B79-BFE86BD41870}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7B646A5C-3671-40D1-9379-1D1ED15513C8}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{7BFCCF27-2A66-4D9D-9AB1-C1BFF4384C42}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{80495C4D-8827-45D4-8A50-050527910A5F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{84F0AFF0-0BF2-47F0-B568-B66D0C6B0678}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9F8AF6CA-AE02-4EC6-BF35-91F7AC12FB74}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A6062DC1-DE39-4935-B43C-5F4CB0828D6B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{ACDE4067-357F-42ED-B5EA-29605F6D9210}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{AD79C4A7-72FE-4F20-9B65-606DC2B72872}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B92EACAD-169D-4974-84C7-E23A7B958FD4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{CD7F4369-0DC6-41E9-B49A-844723D0D726}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E36C72B1-7AD1-4542-A677-321DFC65B87F}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FD18EF3F-79DB-4CC7-93BF-54FB080C2C83}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C79B09-7E6D-47D6-950A-3D6F6B0D7B45}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | 
"{05090626-A542-47A0-9E50-0C48FECEED23}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{0A9048B9-2C77-4DE6-AED2-88B7975E378B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{10286EF1-5FC8-4254-BBFF-4FAE441FE923}" = protocol=6 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"{17CFCC9A-E6A5-4549-B3E4-529ECD8319ED}" = protocol=6 | dir=out | app=system | 
"{1E2B3CBC-5659-4D71-B035-F31A662E5274}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{27B1886D-8A5A-4946-9059-DE217C4F1BEE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{3193D79E-260C-4DDC-9701-1E8C80C5C7C5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | 
"{33C51BF9-EC5B-4713-B0D3-34EA03CD1897}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3F678836-B07C-4785-B51B-FBEEFB4B9052}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{41411783-86CA-4F12-8A7D-C7D1DA45484B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{43204A2B-CC1E-46D3-B0F7-10B8DBF80702}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{525BA90F-9BAD-4A45-A546-0C2E90CF3318}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{56F942B6-C3EE-4EA7-B2F7-733B5C0E58F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5D6287A9-E1E1-4300-86A5-6F3D517FE800}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{61729FCD-34CB-499A-822A-A8EF6EC4848B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | 
"{6453FD17-D551-48D1-8946-2CF1F28C64F8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{67CADADB-86E9-40F0-8A31-EC82D967BFEC}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | 
"{6A6FD1D4-A4CF-45DF-BC3C-57DF4949CF35}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6F40AAC0-30B0-49EA-9830-9BD71CD0BD52}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{70C7E918-E6E6-4983-A726-4D64C6C58C34}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | 
"{7B9350ED-C215-4518-BD59-D3A07FEFB8B3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7EC22303-389E-4A57-AA07-6F9D008B037B}" = protocol=17 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8BAF8A59-474A-4A37-BEC4-15D32D4DF43A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{92380B61-77F7-46B6-8027-A1CEB8C90355}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9661686E-9233-4570-84EC-CB12FCC5ABFA}" = protocol=6 | dir=in | app=c:\ubisoft\silent hunter 5\sh5.exe | 
"{968D8035-5E87-42D8-BF1B-50F970118447}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9A799DBA-C1BA-4BAF-B3F8-ABD7CB1B6C50}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{A442D292-86D3-4193-B2A3-BD0FC958949D}" = protocol=17 | dir=in | app=c:\ubisoft\silent hunter 5\sh5.exe | 
"{A73C277D-6258-432B-933B-2342815A0045}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{AD18E185-0D7C-4142-812B-2D7EB2EF9021}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B0FA2B43-EB72-4FAC-8F6E-5ED7716F7277}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B39508FD-38BD-4DA4-95B3-24BE353480DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B5F48EC2-34A6-4A61-92E5-AB3055D22693}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B90EF88C-1CC4-4545-A6DE-4C3B46C93B0B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BC58FBE2-FBC3-4369-BA98-2AF24889E05D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C37C6EA7-3AA5-434F-B3CE-C80588CBE0B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CD2F3662-E6B0-461B-904B-C2BC1972399B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D1EF402A-9CBB-4009-8162-EC6527515B97}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D6111495-32C5-4B81-B51C-F47128751042}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | 
"{D7B2FFCA-052D-4BDC-AFE7-F6CFE2A16245}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | 
"{DD4E8701-D547-45FD-8CE5-96BCFAE888AC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E0E20085-D7B1-4179-AB77-80EF1C900B49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F87D10A7-9944-4FD8-93F2-C2B38CF70550}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{F9A33EDD-4AA0-4D17-AEC6-1A5CC1EB0595}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{FF2BCAC8-6E78-4A39-9BE9-BECFF2310E2B}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | 
"TCP Query User{BFC62941-92D5-496F-AA75-72BAADCED752}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"TCP Query User{C79F50E3-9A34-4C2D-967B-B31BF9069CF5}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"TCP Query User{CABEDEA9-B307-4A71-BFAA-8580022B8933}C:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{9DE4242D-FA99-4B42-85DF-397D72F5A1E8}C:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\sven\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{DB8D545C-8EDE-4E40-A177-BCB5DC0D7D44}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
"UDP Query User{EC0A3E1E-61AF-4AFC-AFC7-8ECA7D02C46E}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Treiber
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AA72DFB8-BA38-49C9-B5A4-A95FD62641F8}" = BOINC
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83E9BF0-B8D8-3D68-9E07-7505290C2202}" = Microsoft .NET Framework 4 Client Profile DAN Language Pack
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"AutopanoGiga2.5" = Kolor Autopano Giga 2.5
"Creative VF0250" = Creative Live! Cam Notebook Pro Driver (1.02.06.0627)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-driverpakke - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DAN Language Pack" = Microsoft .NET Framework 4 Client Profile DAN sprogpakke
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 39
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2F3082BF-4A3B-45CA-805F-52DBBFD3C645}" = Windows Live Essentials
"{2FAA2415-618E-4EC0-8253-3CDA076C84D6}" = AquaSoft DiaShow 7 Ultimate
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DC9BFC1-AF45-47F6-B696-28C8BEC3D12B}_is1" = Bildschutz Pro 3.01
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49DC7D87-B9F9-4782-9386-B7F13BC75E48}" = Adobe Creative Suite 5 Design Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{52FEFA2C-F1E7-44D3-8C31-BFADB45E9FC8}" = Nokia Internet Modem
"{592ED299-14EF-4C0E-93B4-B687CD5A2EBE}_is1" = posterXXL.de Bestellsoftware 4.80
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D80B6D8-C7FC-C635-B3D2-1DFE9BEE890D}" = TiltShiftGenerator: artandmobile.com
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6FAB7C8A-F677-41D9-8841-62D92B8002DA}" = Extensis Suitcase Fusion 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{7764F7B0-7225-4145-82B6-2AB4540D33A6}" = Eye-Fi Center 3.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A8C4EAC-9AB7-45FA-9480-5716FD261030}" = Nero 7 Essentials
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94B8F069-F223-4F48-BC88-7104CBA77F30}" = Windows Live Messenger
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96BF7ECE-A88D-0ECF-089D-7307A160C095}" = Photo Gallery Builder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube"
"{9F9BE2A8-2FA2-438E-934B-6F237B641167}" = Cooliris for Internet Explorer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB63F0FF-B184-48B4-8365-1C7C938E1177}" = KingBill 2011
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD1C7ACE-30DC-4107-B6A7-9495D12DC846}" = TinEye Internet Explorer plugin 1.2
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BFD09E5B-6D40-4CAD-A349-103BFEF1C574}" = Windows Live Mail
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CC23FF9A-989C-4DEB-8970-50E6E4862315}" = EOSInfo
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E5E54037-31CD-4EBD-9211-4C384F4E7E79}" = e-Safekey
"{E7EADF4C-C40F-467E-96E3-7E62C9CDC079}" = AquaSoft DiaShow 6 for YouTube
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9CD0190-4A88-49B4-88C5-CFF9CD2723F0}" = OpenOffice.org 3.1
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced Video FX Engine" = Advanced Video FX Engine
"APU" = CANON iMAGE GATEWAY Album Plugin Utility
"AquaSoft DiaShow 6 for YouTube" = AquaSoft DiaShow 6 for YouTube
"AquaSoft DiaShow 7 Ultimate" = AquaSoft DiaShow 7 Ultimate
"Avira AntiVir Desktop" = Avira Free Antivirus
"Benutzerhandbuch für Creative Live! Cam Notebook Pro German" = Benutzerhandbuch für Creative Live! Cam Notebook Pro (Deutsch)
"BookSmart® 3.2.5 3.2.5" = BookSmart® 3.2.5 3.2.5
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP4600 series Brugerregistrering" = Canon iP4600 series Brugerregistrering
"Canon MX880 series Brugerregistrering" = Canon MX880 series Brugerregistrering
"Canon RAW Codec" = Canon RAW Codec
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"com.flashgallerycom.photoGalleryBuilder.BE456FDD426FDC61C9F8B47A33E5FBCFF9D5695C.1" = Photo Gallery Builder
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Dfine 2.0" = Dfine 2.0
"Digital Photo Professional" = Canon Utilities Digital Photo Professional 3.11
"Digital Signatur" = Digital Signatur
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"FileZilla Client" = FileZilla Client 3.5.3
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Free MP4 Video Converter_is1" = Free MP4 Video Converter version 5.0.15.706
"Hugin" = Hugin 2010.4.0
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"My Pictures Editor_is1" = Photo! 3D Album and Photo! 3D ScreenSaver 1.2
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Panoweaver700_std_is1" = Panoweaver Standard Edition
"Photo! Web Album_is1" = Photo! Web Album 1.2
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Sharpener Pro 3.0" = Sharpener Pro 3.0
"Sierra Utilities" = Sierra Utilities
"SightSpeed" = SightSpeed (remove only)
"Silver Efex Pro" = Silver Efex Pro
"Speed Dial Utility" = Canon Tastopkaldsfunktion
"Spyder3Express" = Spyder3Express
"SysInfo" = Creative-Systeminformationen
"TeamViewer 6" = TeamViewer 6
"TiltShift.E66C440A17F1D70FFD66FDB4568328647297CFDC.1" = TiltShiftGenerator: artandmobile.com
"Viveza 2" = Viveza 2
"VLC media player" = VLC media player 1.1.9
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"ZonerPhotoStudio11_DE_is1" = Zoner Photo Studio 11
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.04.2013 19:01:03 | Computer Name = Sven-Pc | Source = SideBySide | ID = 16842827
Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Der er en fejl 
i manifestet eller politikfilen "C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPluginBroker.exe" i linje 2.  Flere requestedPrivileges-elementer 
er ikke tilladt i manifest.
 
[ System Events ]
Error - 05.04.2013 19:24:32 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 05.04.2013 19:26:59 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 05.04.2013 19:27:00 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:00 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = PNRPSvc | ID = 102
Description = 
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten PNRP (Peer Name Resolution Protocol) blev afbrudt med følgende
 fejl:   %%-2140993535
 
Error - 05.04.2013 19:27:12 | Computer Name = Sven-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Gruppering af peer-netværk afhænger af tjenesten PNRP (Peer
 Name Resolution Protocol), der ikke kunne starte pga. følgende fejl:   %%-2140993535
 
 
< End of report >

DerJazzer · 06.04.2013, 12:59

Ok, ein letzter Fix und dann kontrollieren wir alles nochmal:

Schritt 1

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:OTL
FF - prefs.js..browser.startup.homepage: "http://www.hiergehtslos.de"
[2013.04.04 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

Schritt 2

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste in deiner nächsten Antwort

OTL-Fixlog
Malwarebytes-Log
Eset-Log
SecurityCheck-Log

Sven Rausch · 06.04.2013, 13:03

Code:

ATTFilter

========== OTL ==========
Prefs.js: "hxxp://www.hiergehtslos.de" removed from browser.startup.homepage
Folder C:\ProgramData\8CEB0A1989F57C4E00008CEA7D3380C2\ not found.
 
OTL by OldTimer - Version 3.2.69.0 log created on 04062013_140204

DerJazzer · 06.04.2013, 14:43

Ok, weiter gehts mit den anderen Programmen

Sven Rausch · 06.04.2013, 17:46

Code:

ATTFilter

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.04.04.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sven :: SVEN-PC [Administrator]

06.04.2013 14:05:07
mbam-log-2013-04-06 (14-05-07).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 592600
Laufzeit: 2 Stunde(n), 16 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

04.04.2013, 21:35	#4
DerJazzer /// Malwareteam	AVASoft Virenscanner Problem.... Bitte probiere GMER im Abgesicherten Modus __________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest \| http://www.anaesthesist-werden.de/

05.04.2013, 23:08	#9
DerJazzer /// Malwareteam	AVASoft Virenscanner Problem.... Ok, danke für die Info. Habe gerade editiert, nimm bitte das OTL-Skript, das jetzt oben angezeigt wird __________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest \| http://www.anaesthesist-werden.de/

06.04.2013, 14:43	#14
DerJazzer /// Malwareteam	AVASoft Virenscanner Problem.... Ok, weiter gehts mit den anderen Programmen __________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest \| http://www.anaesthesist-werden.de/

AVASoft Virenscanner Problem....

Plagegeister aller Art und deren Bekämpfung: AVASoft Virenscanner Problem....