Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: GVU Trojaner WIN 7

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.01.2013, 14:40   #1
Honkyy
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Hallo!

Leider hat mich heute der GVU Trojaner erwischt. Für Eure Hilfe bin ich dankbar!

Ich habe Antivir durchlaufen lassen. Hier das Ergebnis:


Avira Free Antivirus
Erstellungsdatum der Reportdatei: 26 Januar 2013 11:16


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]

Versionsinformationen:
BUILD.DAT : 13.0.0.2890 48567 Bytes 05/12/2012 17:11:00
AVSCAN.EXE : 13.6.0.402 639264 Bytes 11/12/2012 14:43:26
AVSCANRC.DLL : 13.4.0.360 64800 Bytes 11/12/2012 14:43:26
LUKE.DLL : 13.6.0.400 67360 Bytes 11/12/2012 14:44:04
AVSCPLR.DLL : 13.6.0.402 93984 Bytes 10/12/2012 15:11:36
AVREG.DLL : 13.6.0.406 248096 Bytes 10/12/2012 15:11:36
avlode.dll : 13.6.1.402 428832 Bytes 10/12/2012 15:11:36
avlode.rdf : 13.0.0.26 7958 Bytes 10/12/2012 15:11:36
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 14:50:29
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 14:50:31
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20/12/2011 14:50:34
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01/02/2012 14:50:36
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28/03/2012 14:50:37
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29/06/2012 14:42:40
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06/09/2012 14:42:40
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22/11/2012 12:25:59
VBASE008.VDF : 7.11.55.142 2214912 Bytes 03/01/2013 13:14:29
VBASE009.VDF : 7.11.55.143 2048 Bytes 03/01/2013 13:14:29
VBASE010.VDF : 7.11.55.144 2048 Bytes 03/01/2013 13:14:29
VBASE011.VDF : 7.11.55.145 2048 Bytes 03/01/2013 13:14:29
VBASE012.VDF : 7.11.55.146 2048 Bytes 03/01/2013 13:14:30
VBASE013.VDF : 7.11.55.196 260096 Bytes 04/01/2013 15:04:05
VBASE014.VDF : 7.11.56.23 206848 Bytes 07/01/2013 21:08:40
VBASE015.VDF : 7.11.56.83 186880 Bytes 08/01/2013 22:58:37
VBASE016.VDF : 7.11.56.145 135168 Bytes 09/01/2013 22:03:08
VBASE017.VDF : 7.11.56.211 139776 Bytes 11/01/2013 19:39:44
VBASE018.VDF : 7.11.57.11 153088 Bytes 13/01/2013 20:37:18
VBASE019.VDF : 7.11.57.75 165888 Bytes 15/01/2013 13:38:34
VBASE020.VDF : 7.11.57.163 190976 Bytes 17/01/2013 16:23:23
VBASE021.VDF : 7.11.57.219 119808 Bytes 18/01/2013 04:21:37
VBASE022.VDF : 7.11.58.7 167936 Bytes 21/01/2013 15:47:11
VBASE023.VDF : 7.11.58.49 140288 Bytes 22/01/2013 20:22:19
VBASE024.VDF : 7.11.58.119 137728 Bytes 24/01/2013 09:42:47
VBASE025.VDF : 7.11.58.175 132608 Bytes 25/01/2013 22:25:22
VBASE026.VDF : 7.11.58.176 2048 Bytes 25/01/2013 22:25:22
VBASE027.VDF : 7.11.58.177 2048 Bytes 25/01/2013 22:25:22
VBASE028.VDF : 7.11.58.178 2048 Bytes 25/01/2013 22:25:22
VBASE029.VDF : 7.11.58.179 2048 Bytes 25/01/2013 22:25:22
VBASE030.VDF : 7.11.58.180 2048 Bytes 25/01/2013 22:25:22
VBASE031.VDF : 7.11.58.194 4608 Bytes 26/01/2013 09:23:01
Engineversion : 8.2.10.238
AEVDF.DLL : 8.1.2.10 102772 Bytes 19/09/2012 14:42:55
AESCRIPT.DLL : 8.1.4.84 467322 Bytes 24/01/2013 15:42:41
AESCN.DLL : 8.1.10.0 131445 Bytes 13/12/2012 17:50:26
AESBX.DLL : 8.2.5.12 606578 Bytes 28/08/2012 16:58:06
AERDL.DLL : 8.2.0.88 643444 Bytes 10/01/2013 13:23:36
AEPACK.DLL : 8.3.1.2 819574 Bytes 23/12/2012 12:41:56
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05/11/2012 22:14:33
AEHEUR.DLL : 8.1.4.182 5706104 Bytes 24/01/2013 15:42:41
AEHELP.DLL : 8.1.25.2 258423 Bytes 12/10/2012 15:52:32
AEGEN.DLL : 8.1.6.16 434549 Bytes 24/01/2013 15:42:39
AEEXP.DLL : 8.3.0.14 188788 Bytes 24/01/2013 15:42:41
AEEMU.DLL : 8.1.3.2 393587 Bytes 19/09/2012 14:42:55
AECORE.DLL : 8.1.30.0 201079 Bytes 13/12/2012 17:50:25
AEBB.DLL : 8.1.1.4 53619 Bytes 05/11/2012 22:14:30
AVWINLL.DLL : 13.4.0.163 25888 Bytes 19/09/2012 18:09:30
AVPREF.DLL : 13.4.0.360 50464 Bytes 11/12/2012 14:43:22
AVREP.DLL : 13.4.0.360 177952 Bytes 10/12/2012 15:11:36
AVARKT.DLL : 13.6.0.402 260384 Bytes 11/12/2012 14:43:16
AVEVTLOG.DLL : 13.6.0.400 167200 Bytes 11/12/2012 14:43:20
SQLITE3.DLL : 3.7.0.1 397088 Bytes 19/09/2012 18:17:40
AVSMTP.DLL : 13.4.0.163 62240 Bytes 19/09/2012 18:08:54
NETNT.DLL : 13.4.0.360 15648 Bytes 11/12/2012 14:44:04
RCIMAGE.DLL : 13.4.0.360 4780832 Bytes 11/12/2012 14:43:13
RCTEXT.DLL : 13.4.0.360 68384 Bytes 11/12/2012 14:43:13



Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3226' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Acer>
[0] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\AllSigned\x86x64\amd64\WUDFUpdate_01007.dll
[1] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\AllSigned\x86x64\i386\WUDFUpdate_01007.dll
[2] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2CCFFEA6-8825-42c7-A2A5-94678EFB925F}\amd64\WUDFUpdate_01007.dll
[3] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2CCFFEA6-8825-42c7-A2A5-94678EFB925F}\i386\WUDFUpdate_01007.dll
[4] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2CD1390C-A74E-434A-B652-73D3683B3BEF}\amd64\winusbcoinstaller2.dll
[5] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2CD1390C-A74E-434A-B652-73D3683B3BEF}\amd64\WUDFUpdate_01009.dll
[6] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2CD1390C-A74E-434A-B652-73D3683B3BEF}\i386\winusbcoinstaller2.dll
[7] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2CD1390C-A74E-434A-B652-73D3683B3BEF}\i386\WUDFUpdate_01009.dll
[8] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2FC12C0B-6D73-4F66-8D2D-64E907627969}\amd64\winusbcoinstaller2.dll
[9] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2FC12C0B-6D73-4F66-8D2D-64E907627969}\amd64\WUDFUpdate_01009.dll
[10] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2FC12C0B-6D73-4F66-8D2D-64E907627969}\i386\winusbcoinstaller2.dll
[11] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{2FC12C0B-6D73-4F66-8D2D-64E907627969}\i386\WUDFUpdate_01009.dll
[12] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4804CEA3-DDE0-46A0-8430-54DFDE2C5EC0}\amd64\winusbcoinstaller2.dll
[13] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4804CEA3-DDE0-46A0-8430-54DFDE2C5EC0}\amd64\WUDFUpdate_01009.dll
[14] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4804CEA3-DDE0-46A0-8430-54DFDE2C5EC0}\i386\winusbcoinstaller2.dll
[15] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4804CEA3-DDE0-46A0-8430-54DFDE2C5EC0}\i386\WUDFUpdate_01009.dll
[16] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4B11437A-A1BD-4786-A0A2-916CB6DE3153}\amd64\winusbcoinstaller2.dll
[17] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4B11437A-A1BD-4786-A0A2-916CB6DE3153}\amd64\WUDFUpdate_01009.dll
[18] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4B11437A-A1BD-4786-A0A2-916CB6DE3153}\i386\winusbcoinstaller2.dll
[19] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{4B11437A-A1BD-4786-A0A2-916CB6DE3153}\i386\WUDFUpdate_01009.dll
[20] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{5A2F2D1B-F67A-4754-88D7-6E6F20C68D85}\amd64\winusbcoinstaller2.dll
[21] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{5A2F2D1B-F67A-4754-88D7-6E6F20C68D85}\amd64\WUDFUpdate_01009.dll
[22] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{5A2F2D1B-F67A-4754-88D7-6E6F20C68D85}\i386\winusbcoinstaller2.dll
[23] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{5A2F2D1B-F67A-4754-88D7-6E6F20C68D85}\i386\WUDFUpdate_01009.dll
[24] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{884EF9E6-97FC-41A1-9CD3-636DAAEA6035}\amd64\winusbcoinstaller2.dll
[25] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{884EF9E6-97FC-41A1-9CD3-636DAAEA6035}\amd64\WUDFUpdate_01009.dll
[26] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{884EF9E6-97FC-41A1-9CD3-636DAAEA6035}\i386\winusbcoinstaller2.dll
[27] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{884EF9E6-97FC-41A1-9CD3-636DAAEA6035}\i386\WUDFUpdate_01009.dll
[28] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{EE975EE3-08EC-4949-9C38-3A637996A670}\amd64\winusbcoinstaller2.dll
[29] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{EE975EE3-08EC-4949-9C38-3A637996A670}\amd64\WUDFUpdate_01009.dll
[30] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{EE975EE3-08EC-4949-9C38-3A637996A670}\i386\winusbcoinstaller2.dll
[31] Archivtyp: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\{EE975EE3-08EC-4949-9C38-3A637996A670}\i386\WUDFUpdate_01009.dll
[32] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01ZFUGOR\ed6.0_RioGrande_Signed_All_1.00.003[1].cab
[33] Archivtyp: CAB (Microsoft)
--> amd64\winusbcoinstaller2.dll
[34] Archivtyp: RSRC
--> amd64\WUDFUpdate_01009.dll
[35] Archivtyp: RSRC
--> i386\winusbcoinstaller2.dll
[36] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01ZFUGOR\X10_GB_Signed_All_1.00.002[1].cab
[37] Archivtyp: CAB (Microsoft)
--> amd64\WUDFUpdate_01007.dll
[38] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05U4M9KL\Blue1.0_Signed_All_1.00.001[1].cab
[39] Archivtyp: CAB (Microsoft)
--> amd64\winusbcoinstaller2.dll
[40] Archivtyp: RSRC
--> amd64\WUDFUpdate_01009.dll
[41] Archivtyp: RSRC
--> i386\winusbcoinstaller2.dll
[42] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05U4M9KL\ed6.0_Signed_All_1.00.002[1].cab
[43] Archivtyp: CAB (Microsoft)
--> amd64\winusbcoinstaller2.dll
[44] Archivtyp: RSRC
--> amd64\WUDFUpdate_01009.dll
[45] Archivtyp: RSRC
--> i386\winusbcoinstaller2.dll
[46] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0CNUBLYW\ed4.0.1_Signed_All_1.00.002[1].cab
[47] Archivtyp: CAB (Microsoft)
--> amd64\winusbcoinstaller2.dll
[48] Archivtyp: RSRC
--> amd64\WUDFUpdate_01009.dll
[49] Archivtyp: RSRC
--> i386\winusbcoinstaller2.dll
[50] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0CNUBLYW\Lagan_Signed_All_1.00.001[1].cab
[51] Archivtyp: CAB (Microsoft)
--> amd64\winusbcoinstaller2.dll
[52] Archivtyp: RSRC
--> amd64\WUDFUpdate_01009.dll
[53] Archivtyp: RSRC
--> i386\winusbcoinstaller2.dll
[54] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM40HWEB\Blue3.0_Signed_All_1.00.001[1].cab
[55] Archivtyp: CAB (Microsoft)
--> amd64\winusbcoinstaller2.dll
[56] Archivtyp: RSRC
--> amd64\WUDFUpdate_01009.dll
[57] Archivtyp: RSRC
--> i386\winusbcoinstaller2.dll
[58] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM40HWEB\JDM_Signed_All_1.00.001[1].cab
[59] Archivtyp: CAB (Microsoft)
--> amd64\winusbcoinstaller2.dll
[60] Archivtyp: RSRC
--> amd64\WUDFUpdate_01009.dll
[61] Archivtyp: RSRC
--> i386\winusbcoinstaller2.dll
[62] Archivtyp: RSRC
--> C:\Users\Fränz\AppData\Roaming\Dropbox\bin\Dropbox.exe
[63] Archivtyp: RSRC
--> C:\Users\Fränz\Downloads\jxpiinstall.exe
[64] Archivtyp: Runtime Packed
--> C:\Users\Fränz\Dropbox\Flozip\ST4 64bit.zip
[65] Archivtyp: ZIP
--> ST4 64bit/SolidEdgeV104GERMAN_64Bit.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Fränz\Dropbox\Flozip\ST4 64bit.zip
[WARNUNG] Die Datei konnte nicht gelesen werden!
--> C:\Users\Henner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\23c04fd9-5d6f3ad6
[65] Archivtyp: ZIP
--> MYLzX.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-1723.GG
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> YeIUXV.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-1723.HV
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Henner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\23c04fd9-5d6f3ad6
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-1723.HV
Beginne mit der Suche in 'D:\' <DATA>

Beginne mit der Desinfektion:
C:\Users\Henner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\23c04fd9-5d6f3ad6
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-1723.HV
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '40197a59.qua' verschoben!


Typ: Datei
Quelle: C:\Users\Henner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZHQZNRKV\Background.Football[1].htm
Status: Infiziert
Quarantäne-Objekt: 41ce1202.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.10.238
Virendefinitionsdatei: 7.11.58.194
Meldung: EXP/CVE-2011-3402.C
Datum/Uhrzeit: 26/01/2013, 10:30

Typ: Datei
Quelle: C:\Users\Henner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\23c04fd9-5d6f3ad6
Status: Infiziert
Quarantäne-Objekt: 40197a59.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: JA
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.10.238
Virendefinitionsdatei: 7.11.58.194
Meldung: EXP/2012-1723.HV
Datum/Uhrzeit: 26/01/2013, 14:30

OTLOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 26/01/2013 14:54:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Fränz\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
 
3,86 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 36,10% Memory free
7,71 Gb Paging File | 4,27 Gb Available in Paging File | 55,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 339,23 Gb Total Space | 240,27 Gb Free Space | 70,83% Space Free | Partition Type: NTFS
Drive D: | 339,77 Gb Total Space | 249,24 Gb Free Space | 73,36% Space Free | Partition Type: NTFS
Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1,88 Gb Total Space | 0,18 Gb Free Space | 9,73% Space Free | Partition Type: FAT
 
Computer Name: FRÄNZ-LAPTOP | User Name: Fränz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/01/26 14:53:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fränz\Desktop\OTL.exe
PRC - [2013/01/19 05:30:35 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/12/20 18:44:32 | 000,844,296 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/12/20 18:44:28 | 000,310,280 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/12/20 18:44:26 | 001,476,104 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/11 15:44:04 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/12/11 15:43:26 | 000,639,264 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2012/12/11 15:43:21 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/12/11 15:43:20 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/12/11 15:43:18 | 000,387,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2012/11/30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/09/12 11:17:12 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012/07/17 15:14:08 | 000,132,056 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
PRC - [2012/04/30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012/02/27 04:52:20 | 000,038,248 | ---- | M] (Mindjet) -- C:\Program Files (x86)\Mindjet\MindManager 10\MmReminderService.exe
PRC - [2011/07/01 03:51:13 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/07/01 03:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/07/01 03:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/07/01 03:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/05/30 03:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/05/20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/12 06:04:12 | 000,723,560 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2011/04/24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/24 02:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/04/22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2011/02/01 22:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 22:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/12/27 09:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010/11/17 02:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/05/20 15:26:26 | 000,119,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
PRC - [2010/01/30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/01/20 13:42:30 | 000,122,880 | ---- | M] () -- C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll
MOD - [2013/01/19 05:30:35 | 003,022,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/11/30 03:07:48 | 000,100,248 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2012/11/30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/11/07 16:25:36 | 000,204,288 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012/09/19 19:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/04/30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012/04/30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012/02/27 04:51:34 | 000,151,376 | ---- | M] () -- C:\Program Files (x86)\Mindjet\MindManager 10\zlib.dll
MOD - [2011/04/24 02:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011/03/13 19:45:12 | 000,158,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/03/13 19:37:06 | 000,197,960 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/12/17 00:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV - [2013/01/19 05:30:35 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/09 00:47:31 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/11 15:44:04 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/12/11 15:43:21 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/27 07:45:14 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/07/17 15:14:08 | 000,132,056 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012/01/18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/07/01 03:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/06/21 20:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011/05/30 03:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/05/20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/02 13:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011/05/02 13:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011/05/02 13:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011/04/24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011/04/22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011/03/29 05:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/03/28 08:41:00 | 000,799,848 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011/02/01 22:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 22:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/12/27 09:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/11/29 14:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/12/11 15:44:07 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/12/11 15:44:07 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/11/29 20:55:33 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/09/24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/09/20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/09/20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/04/11 12:20:15 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012/04/11 12:20:15 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012/04/11 12:20:15 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/20 11:02:55 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/09/20 11:02:55 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011/07/14 06:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/14 06:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/24 04:22:04 | 001,591,936 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/06/21 14:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/06/21 14:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/06/10 19:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/20 08:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/05/01 07:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/04/05 12:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/03/13 19:20:10 | 000,639,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,481,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/03/13 19:20:10 | 000,281,928 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,156,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,098,728 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/02/21 08:30:54 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/10 07:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 07:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/12 09:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/11/29 14:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/08 05:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 09:28:17 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/29 01:04:38 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.Zeit.de"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7B01A8CA0A-4C96-465b-A49B-65C46FAD54F9%7D:6.0
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: firefox%40unfriendfinder.com:41.997
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.6
FF - prefs.js..extensions.enabledAddons: %7B8AA36F4F-6DC7-4c06-77AF-5035170634FE%7D:2012.09.13
FF - prefs.js..extensions.enabledAddons: %7Ba95d8332-e4b4-6e7f-98ac-20b733364387%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/11/05 22:35:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/11/09 22:12:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/11/16 21:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012/11/29 21:38:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012/12/12 14:50:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 05:30:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 05:30:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/09 11:01:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/11/16 21:40:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 05:30:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 05:30:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/09 11:01:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012/11/07 13:54:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\Extensions
[2013/01/23 12:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\Firefox\Profiles\7qmn0jed.default\extensions
[2012/12/30 19:49:38 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Fränz\AppData\Roaming\mozilla\Firefox\Profiles\7qmn0jed.default\extensions\ich@maltegoetz.de
[2012/11/09 22:09:21 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\DivXWebPlayer@divx.com.xpi
[2012/12/31 13:59:06 | 000,351,151 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\firefox@unfriendfinder.com.xpi
[2013/01/23 12:31:17 | 000,056,640 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
[2012/11/23 15:14:25 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/16 20:34:39 | 000,266,840 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/19 05:30:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/11/29 21:38:24 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
[2012/11/09 22:12:04 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/12/12 14:50:37 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\{A95D8332-E4B4-6E7F-98AC-20B733364387}.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\FIREFOX@UNFRIENDFINDER.COM.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE
[2013/01/19 05:30:35 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012/11/29 21:11:33 | 000,001,364 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1				activate.adobe.com
O1 - Hosts: 127.0.0.1				practivate.adobe.com
O1 - Hosts: 127.0.0.1				192.168.112.2O7.net
O1 - Hosts: 127.0.0.1				ereg.adobe.com
O1 - Hosts: 127.0.0.1				activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1				3dns-3.adobe.com
O1 - Hosts: 127.0.0.1				3dns-2.adobe.com
O1 - Hosts: 127.0.0.1				adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1				adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1				ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1				adobeereg.com
O1 - Hosts: 127.0.0.1				Registration
O1 - Hosts: 127.0.0.1				activate-sea.adobe.com
O1 - Hosts: 127.0.0.1				activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1				wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1				192.150.18.108
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 10\MMReminderService.exe (Mindjet)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] "J:\Festplatte\Programme\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9326996-06D4-4DB3-A26D-9C1A403B10D1}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/06 19:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/02/22 16:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008/02/22 16:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/02/22 16:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ]
O32 - Unable to obtain root file information for disk G:\
O33 - MountPoints2\{4f7e4448-086e-11e2-a508-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4f7e4448-086e-11e2-a508-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2008/03/06 19:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell - "" = AutoRun
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/26 14:53:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fränz\Desktop\OTL.exe
[2013/01/26 00:38:40 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Wirtschaftsprivatrecht
[2013/01/25 02:03:41 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\CByeByeMaxiUnofficaltrYmewarez
[2013/01/24 15:33:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013/01/20 15:59:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013/01/20 15:58:57 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013/01/20 15:58:57 | 000,102,368 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013/01/20 15:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013/01/20 15:57:57 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013/01/20 15:57:44 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013/01/20 15:57:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013/01/20 15:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013/01/20 15:50:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/20 13:29:31 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Konstruktion I
[2013/01/20 13:13:58 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Hausaufgabe 2
[2013/01/20 11:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup 3.0
[2013/01/20 11:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup 3.0
[2013/01/20 11:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/01/19 20:31:37 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Local\{A87D4020-576E-44AB-8D0B-8D61C9A7DD2F}
[2013/01/19 20:31:37 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Local\{532F5448-BD2D-4F05-A88B-C4F7FAAD96DC}
[2013/01/19 05:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/16 12:32:47 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Keine Panik vor Thermodynamik
[2013/01/16 11:16:33 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Fotos New York
[2013/01/14 17:02:06 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Charts
[2013/01/11 22:17:51 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Roaming\dvdcss
[2013/01/09 14:25:18 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Grundlagenseminare
[2013/01/09 11:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/01/09 09:54:51 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/01/09 09:54:51 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/01/09 09:54:41 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/01/09 09:54:41 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/09 09:54:38 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/01/09 09:54:38 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/01/09 09:54:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/01/09 09:54:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/01/09 09:54:38 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/01/09 09:54:38 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/01/09 09:54:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/01/09 09:54:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/01/09 09:54:38 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/01/09 09:54:38 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/01/09 09:54:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/01/09 09:54:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/01/09 09:54:38 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/01/09 09:54:38 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/01/09 09:54:37 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/01/09 09:54:37 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/01/09 09:54:37 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/01/09 09:54:37 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/01/09 09:54:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/01/09 09:54:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/01/09 09:54:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/01/09 09:54:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/01/09 09:54:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/01/09 09:54:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/01/09 09:54:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/01/09 09:54:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/01/09 09:54:14 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/01/09 09:54:14 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/01/09 09:54:14 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/01/09 09:54:14 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/01/09 09:54:14 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/01/09 09:54:14 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/01/09 09:54:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/01/09 09:54:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/01/09 09:54:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/01/09 09:54:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 09:54:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 09:54:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 09:54:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/01/09 09:54:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 09:54:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 09:54:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 09:54:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 09:54:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/01/09 09:54:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/01/09 09:54:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 09:54:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/01/09 09:53:56 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/01/07 23:06:17 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Roaming\InstallShield
[2013/01/07 15:22:29 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\VL Projektmanagement WS 2012-13
[2013/01/07 14:58:37 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Roaming\Ubisoft
[2013/01/07 14:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2013/01/07 14:54:19 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013/01/07 14:54:19 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013/01/07 14:54:18 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013/01/07 14:54:18 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013/01/07 14:54:18 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013/01/07 14:54:18 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013/01/07 14:54:18 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013/01/07 14:54:18 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013/01/07 14:54:17 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013/01/07 14:54:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013/01/07 14:54:16 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013/01/07 14:54:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013/01/07 14:54:16 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013/01/07 14:54:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013/01/07 14:54:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013/01/07 14:54:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013/01/07 14:54:16 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013/01/07 14:54:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013/01/07 14:54:16 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013/01/07 14:54:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013/01/07 14:54:15 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013/01/07 14:54:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013/01/07 14:54:15 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013/01/07 14:54:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013/01/07 14:54:15 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013/01/07 14:54:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013/01/06 18:49:02 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\material für walter
[2013/01/06 18:49:02 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\material für die tn vom gls i
[2013/01/06 18:43:50 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Weiteres
[2013/01/06 18:38:21 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Selbstwert und Selbstwirksamkeit
[2013/01/06 09:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013/01/06 09:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2013/01/06 09:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013/01/05 16:18:59 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\WPR
[2013/01/03 20:27:45 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Documents\ToDos
[2013/01/03 16:57:16 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Application Data
[2013/01/03 15:09:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/12/29 12:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest update
[2012/12/29 12:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/26 14:58:47 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2013/01/26 14:53:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fränz\Desktop\OTL.exe
[2013/01/26 14:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/26 10:29:42 | 000,002,915 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2013/01/26 10:29:42 | 000,000,159 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.reg
[2013/01/26 10:29:42 | 000,000,067 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.bat
[2013/01/26 10:29:17 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/26 10:29:17 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/26 10:27:04 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/26 10:27:04 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/01/26 10:27:04 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/26 10:27:04 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/01/26 10:27:04 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/26 10:21:55 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/01/26 10:21:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/26 10:21:10 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/26 02:03:56 | 001,405,658 | ---- | M] () -- C:\Users\Fränz\Desktop\tafeln-sbf-see.pdf
[2013/01/26 02:03:49 | 000,212,374 | ---- | M] () -- C:\Users\Fränz\Desktop\praktische-pruefung-sportbootfuehrerschein-see-ab-mai-2012.pdf
[2013/01/26 02:00:01 | 000,917,201 | ---- | M] () -- C:\Users\Fränz\Desktop\Fragenkatalog-See-Mai-2012.pdf
[2013/01/26 01:13:10 | 000,156,160 | ---- | M] () -- C:\Users\Fränz\Desktop\Schallsignale_Schulung.pps
[2013/01/26 01:13:07 | 000,316,416 | ---- | M] () -- C:\Users\Fränz\Desktop\Verkehrszeichen_Schulung.pps
[2013/01/26 01:13:03 | 001,041,920 | ---- | M] () -- C:\Users\Fränz\Desktop\Praxis_des_Segelns_Schulung.pps
[2013/01/26 01:12:44 | 001,432,064 | ---- | M] () -- C:\Users\Fränz\Desktop\Wegerecht_Schulung.pps
[2013/01/26 00:14:50 | 006,819,143 | ---- | M] () -- C:\Users\Fränz\Desktop\VID-20130125-00012.3GP
[2013/01/26 00:04:35 | 008,267,054 | ---- | M] () -- C:\Users\Fränz\Desktop\VID-20130125-00009.3GP
[2013/01/25 20:32:12 | 000,044,635 | ---- | M] () -- C:\Users\Fränz\Desktop\BVG.de - Fahrplanauskunft.pdf
[2013/01/25 04:58:55 | 000,000,173 | ---- | M] () -- C:\Users\Fränz\AppData\Local\msmathematics.qat.Fränz
[2013/01/25 01:58:34 | 031,165,163 | ---- | M] () -- C:\Users\Fränz\Desktop\CByeByeMaxiUnofficaltrYmewarez.zip
[2013/01/24 22:58:59 | 002,959,867 | ---- | M] () -- C:\Users\Fränz\Desktop\Vorlesung_LO_WS12_13_16102012_Kompatibilitaetsmodus_.pdf
[2013/01/21 23:08:30 | 000,039,496 | ---- | M] () -- C:\Users\Fränz\Desktop\550052_522660267766295_205696153_n.jpg
[2013/01/21 22:56:50 | 000,011,789 | ---- | M] () -- C:\Users\Fränz\Desktop\399405_10151093813300676_1861637810_n.jpg
[2013/01/20 23:50:26 | 000,030,278 | ---- | M] () -- C:\Users\Fränz\Desktop\1Termine-Nielsen.pdf
[2013/01/20 15:54:46 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/20 15:40:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/01/20 13:42:31 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\Citavi 3.lnk
[2013/01/20 11:31:06 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Norton PC Checkup 3.0.lnk
[2013/01/18 19:53:49 | 273,720,374 | R--- | M] () -- C:\Users\Fränz\Desktop\tk_hv_2013_01_18.mp4
[2013/01/18 11:09:28 | 002,481,271 | ---- | M] () -- C:\Users\Fränz\Desktop\Get-Together WS 2012-2013.pdf
[2013/01/17 21:12:13 | 000,365,847 | ---- | M] () -- C:\Users\Fränz\Desktop\Toolbox.pdf
[2013/01/17 21:02:19 | 001,777,815 | ---- | M] () -- C:\Users\Fränz\Desktop\Master_Leitfaden_121010.pdf
[2013/01/17 20:13:17 | 000,151,977 | ---- | M] () -- C:\Users\Fränz\Desktop\244047_10151351294554486_1227174146_o.jpg
[2013/01/17 09:03:56 | 000,300,409 | ---- | M] () -- C:\Users\Fränz\Desktop\2013-01-17.pdf
[2013/01/16 11:38:45 | 000,009,280 | ---- | M] () -- C:\Users\Fränz\Desktop\632_240x240_Front_Color-White.jpg
[2013/01/16 11:38:35 | 000,408,389 | ---- | M] () -- C:\Users\Fränz\Desktop\MG_6081.jpg
[2013/01/16 11:38:26 | 000,018,308 | ---- | M] () -- C:\Users\Fränz\Desktop\wanderlust-definition-dico.png
[2013/01/16 11:20:35 | 000,178,579 | ---- | M] () -- C:\Users\Fränz\Desktop\Fernweh-a18283518.jpg
[2013/01/15 19:59:21 | 000,060,443 | ---- | M] () -- C:\Users\Fränz\Desktop\Organization TK old.pdf
[2013/01/15 19:57:33 | 000,871,395 | ---- | M] () -- C:\Users\Fränz\Desktop\Organization TK new.pdf
[2013/01/15 19:55:25 | 000,882,851 | ---- | M] () -- C:\Users\Fränz\Desktop\Bild1.jpg
[2013/01/15 17:37:04 | 000,032,336 | ---- | M] () -- C:\Users\Fränz\Desktop\321041_467821476614565_1565470527_n.jpg
[2013/01/14 22:33:28 | 000,096,749 | ---- | M] () -- C:\Users\Fränz\Desktop\426786_542925929051829_1542651037_n.jpg
[2013/01/14 17:10:36 | 001,355,015 | ---- | M] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Chart.pdf
[2013/01/14 11:09:37 | 000,114,487 | ---- | M] () -- C:\Users\Fränz\Desktop\Infoblätter für Coaches.pdf
[2013/01/14 10:59:07 | 023,759,309 | ---- | M] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Charts.rar
[2013/01/13 12:06:16 | 106,203,887 | ---- | M] () -- C:\Users\Fränz\Desktop\Mic Do - Plenty Of L (Ama Edi) (2012).rar
[2013/01/13 10:14:24 | 350,315,347 | ---- | M] () -- C:\Users\Fränz\Desktop\5141414108.Rmmstn-GrtstHts.zip
[2013/01/11 22:04:25 | 046,114,786 | ---- | M] () -- C:\Users\Fränz\Desktop\Make It Count.avi
[2013/01/10 19:03:59 | 000,043,938 | ---- | M] () -- C:\Users\Fränz\Desktop\734986_477331422304164_1239645383_n.jpg
[2013/01/10 12:46:02 | 000,021,111 | ---- | M] () -- C:\Users\Fränz\Desktop\768_10200367504657345_1269863194_n.jpg
[2013/01/09 23:08:40 | 000,006,104 | ---- | M] () -- C:\Users\Fränz\Desktop\218088_10200296573763848_1901334179_n.jpg
[2013/01/09 23:07:49 | 000,023,882 | ---- | M] () -- C:\Users\Fränz\Desktop\148919_10151331107452332_40365430_n.jpg
[2013/01/09 23:03:49 | 000,042,541 | ---- | M] () -- C:\Users\Fränz\Desktop\400075_411994568878146_957912623_n.jpg
[2013/01/09 22:57:43 | 005,015,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/09 00:47:28 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/09 00:47:28 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/08 15:06:37 | 000,052,623 | ---- | M] () -- C:\Users\Fränz\Desktop\Bestaetigung.pdf
[2013/01/08 14:35:08 | 000,816,817 | ---- | M] () -- C:\Users\Fränz\Desktop\Protokoll_Vorstandsstrategie.pdf
[2013/01/06 18:34:14 | 000,000,492 | ---- | M] () -- C:\Windows\wininit.ini
[2013/01/06 09:25:16 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013/01/03 22:40:56 | 003,139,304 | ---- | M] () -- C:\Users\Fränz\Desktop\MS_Project_Tutorial.pdf
[2013/01/03 21:56:01 | 000,044,006 | ---- | M] () -- C:\Users\Fränz\Desktop\Finanzreport_Nr.12_vom_31.12.2012740148.pdf
[2013/01/03 21:19:22 | 000,025,306 | ---- | M] () -- C:\Users\Fränz\Desktop\ToDo for you.dotm
[2013/01/03 17:04:18 | 000,025,285 | ---- | M] () -- C:\Users\Fränz\Documents\ToDo for you.dotm
[2013/01/03 16:48:22 | 000,025,348 | ---- | M] () -- C:\Users\Fränz\Documents\ToDo for you.dotx
[2013/01/02 23:22:39 | 000,025,525 | ---- | M] () -- C:\Users\Fränz\Desktop\418606_485733534811724_1437033175_n.jpg
[2013/01/02 11:50:28 | 000,110,298 | ---- | M] () -- C:\Users\Fränz\Desktop\736011_504370986264197_1610935081_o.jpg
[2012/12/31 17:43:55 | 000,029,964 | ---- | M] () -- C:\Users\Fränz\Desktop\b2-l_p_457378_2_frittenbudebildermitkatzevideoaudiolithbratze.jpg
[2012/12/31 15:33:02 | 000,144,059 | ---- | M] () -- C:\Users\Fränz\Desktop\399286_510607585646210_1644454261_n.jpg
[2012/12/30 23:15:58 | 000,038,450 | ---- | M] () -- C:\Users\Fränz\Desktop\534685_478544048856585_1245799438_n.jpg
[2012/12/30 21:25:46 | 000,157,436 | ---- | M] () -- C:\Users\Fränz\Desktop\736363_526210054064014_461172559_o.jpg
[2012/12/30 13:20:29 | 014,585,520 | ---- | M] () -- C:\Users\Fränz\Desktop\Jung von MattLimmat Pro Infirmis Kommen Sie näher.avi
[2012/12/30 13:16:40 | 031,314,882 | ---- | M] () -- C:\Users\Fränz\Desktop\What if money was no object.avi
[2012/12/29 20:48:21 | 000,029,156 | ---- | M] () -- C:\Users\Fränz\Desktop\531232_574480222569243_2097776549_n.jpg
 
========== Files Created - No Company Name ==========
 
[2013/01/26 10:29:42 | 000,002,915 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2013/01/26 10:29:42 | 000,000,159 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.reg
[2013/01/26 10:29:42 | 000,000,067 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.bat
[2013/01/26 10:29:41 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2013/01/26 02:03:56 | 001,405,658 | ---- | C] () -- C:\Users\Fränz\Desktop\tafeln-sbf-see.pdf
[2013/01/26 02:03:49 | 000,212,374 | ---- | C] () -- C:\Users\Fränz\Desktop\praktische-pruefung-sportbootfuehrerschein-see-ab-mai-2012.pdf
[2013/01/26 02:00:00 | 000,917,201 | ---- | C] () -- C:\Users\Fränz\Desktop\Fragenkatalog-See-Mai-2012.pdf
[2013/01/26 01:13:10 | 000,156,160 | ---- | C] () -- C:\Users\Fränz\Desktop\Schallsignale_Schulung.pps
[2013/01/26 01:13:07 | 000,316,416 | ---- | C] () -- C:\Users\Fränz\Desktop\Verkehrszeichen_Schulung.pps
[2013/01/26 01:13:03 | 001,041,920 | ---- | C] () -- C:\Users\Fränz\Desktop\Praxis_des_Segelns_Schulung.pps
[2013/01/26 01:12:44 | 001,432,064 | ---- | C] () -- C:\Users\Fränz\Desktop\Wegerecht_Schulung.pps
[2013/01/26 00:14:49 | 006,819,143 | ---- | C] () -- C:\Users\Fränz\Desktop\VID-20130125-00012.3GP
[2013/01/26 00:04:33 | 008,267,054 | ---- | C] () -- C:\Users\Fränz\Desktop\VID-20130125-00009.3GP
[2013/01/25 20:32:09 | 000,044,635 | ---- | C] () -- C:\Users\Fränz\Desktop\BVG.de - Fahrplanauskunft.pdf
[2013/01/25 01:51:25 | 031,165,163 | ---- | C] () -- C:\Users\Fränz\Desktop\CByeByeMaxiUnofficaltrYmewarez.zip
[2013/01/24 22:58:56 | 002,959,867 | ---- | C] () -- C:\Users\Fränz\Desktop\Vorlesung_LO_WS12_13_16102012_Kompatibilitaetsmodus_.pdf
[2013/01/21 23:08:29 | 000,039,496 | ---- | C] () -- C:\Users\Fränz\Desktop\550052_522660267766295_205696153_n.jpg
[2013/01/21 22:56:48 | 000,011,789 | ---- | C] () -- C:\Users\Fränz\Desktop\399405_10151093813300676_1861637810_n.jpg
[2013/01/20 23:50:25 | 000,030,278 | ---- | C] () -- C:\Users\Fränz\Desktop\1Termine-Nielsen.pdf
[2013/01/20 15:40:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/01/20 13:42:31 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\Citavi 3.lnk
[2013/01/20 11:31:06 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\Norton PC Checkup 3.0.lnk
[2013/01/18 19:56:52 | 273,720,374 | R--- | C] () -- C:\Users\Fränz\Desktop\tk_hv_2013_01_18.mp4
[2013/01/18 11:08:44 | 002,481,271 | ---- | C] () -- C:\Users\Fränz\Desktop\Get-Together WS 2012-2013.pdf
[2013/01/17 21:12:13 | 000,365,847 | ---- | C] () -- C:\Users\Fränz\Desktop\Toolbox.pdf
[2013/01/17 21:02:18 | 001,777,815 | ---- | C] () -- C:\Users\Fränz\Desktop\Master_Leitfaden_121010.pdf
[2013/01/17 20:13:16 | 000,151,977 | ---- | C] () -- C:\Users\Fränz\Desktop\244047_10151351294554486_1227174146_o.jpg
[2013/01/17 09:03:52 | 000,300,409 | ---- | C] () -- C:\Users\Fränz\Desktop\2013-01-17.pdf
[2013/01/16 11:38:45 | 000,009,280 | ---- | C] () -- C:\Users\Fränz\Desktop\632_240x240_Front_Color-White.jpg
[2013/01/16 11:38:34 | 000,408,389 | ---- | C] () -- C:\Users\Fränz\Desktop\MG_6081.jpg
[2013/01/16 11:38:25 | 000,018,308 | ---- | C] () -- C:\Users\Fränz\Desktop\wanderlust-definition-dico.png
[2013/01/16 11:20:35 | 000,178,579 | ---- | C] () -- C:\Users\Fränz\Desktop\Fernweh-a18283518.jpg
[2013/01/15 19:59:18 | 000,060,443 | ---- | C] () -- C:\Users\Fränz\Desktop\Organization TK old.pdf
[2013/01/15 19:57:31 | 000,871,395 | ---- | C] () -- C:\Users\Fränz\Desktop\Organization TK new.pdf
[2013/01/15 19:54:50 | 000,882,851 | ---- | C] () -- C:\Users\Fränz\Desktop\Bild1.jpg
[2013/01/15 17:37:03 | 000,032,336 | ---- | C] () -- C:\Users\Fränz\Desktop\321041_467821476614565_1565470527_n.jpg
[2013/01/14 22:33:28 | 000,096,749 | ---- | C] () -- C:\Users\Fränz\Desktop\426786_542925929051829_1542651037_n.jpg
[2013/01/14 17:10:32 | 001,355,015 | ---- | C] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Chart.pdf
[2013/01/14 11:10:44 | 023,759,309 | ---- | C] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Charts.rar
[2013/01/14 11:09:36 | 000,114,487 | ---- | C] () -- C:\Users\Fränz\Desktop\Infoblätter für Coaches.pdf
[2013/01/13 11:39:30 | 106,203,887 | ---- | C] () -- C:\Users\Fränz\Desktop\Mic Do - Plenty Of L (Ama Edi) (2012).rar
[2013/01/13 10:09:46 | 350,315,347 | ---- | C] () -- C:\Users\Fränz\Desktop\5141414108.Rmmstn-GrtstHts.zip
[2013/01/11 22:03:50 | 046,114,786 | ---- | C] () -- C:\Users\Fränz\Desktop\Make It Count.avi
[2013/01/10 19:03:57 | 000,043,938 | ---- | C] () -- C:\Users\Fränz\Desktop\734986_477331422304164_1239645383_n.jpg
[2013/01/10 12:46:01 | 000,021,111 | ---- | C] () -- C:\Users\Fränz\Desktop\768_10200367504657345_1269863194_n.jpg
[2013/01/09 23:08:39 | 000,006,104 | ---- | C] () -- C:\Users\Fränz\Desktop\218088_10200296573763848_1901334179_n.jpg
[2013/01/09 23:07:49 | 000,023,882 | ---- | C] () -- C:\Users\Fränz\Desktop\148919_10151331107452332_40365430_n.jpg
[2013/01/09 23:03:45 | 000,042,541 | ---- | C] () -- C:\Users\Fränz\Desktop\400075_411994568878146_957912623_n.jpg
[2013/01/09 12:11:35 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2013/01/08 15:06:33 | 000,052,623 | ---- | C] () -- C:\Users\Fränz\Desktop\Bestaetigung.pdf
[2013/01/08 14:35:01 | 000,816,817 | ---- | C] () -- C:\Users\Fränz\Desktop\Protokoll_Vorstandsstrategie.pdf
[2013/01/06 09:25:16 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013/01/03 22:40:55 | 003,139,304 | ---- | C] () -- C:\Users\Fränz\Desktop\MS_Project_Tutorial.pdf
[2013/01/03 21:56:00 | 000,044,006 | ---- | C] () -- C:\Users\Fränz\Desktop\Finanzreport_Nr.12_vom_31.12.2012740148.pdf
[2013/01/03 18:53:14 | 000,025,306 | ---- | C] () -- C:\Users\Fränz\Desktop\ToDo for you.dotm
[2013/01/03 16:51:04 | 000,025,285 | ---- | C] () -- C:\Users\Fränz\Documents\ToDo for you.dotm
[2013/01/03 16:48:22 | 000,025,348 | ---- | C] () -- C:\Users\Fränz\Documents\ToDo for you.dotx
[2013/01/02 23:22:38 | 000,025,525 | ---- | C] () -- C:\Users\Fränz\Desktop\418606_485733534811724_1437033175_n.jpg
[2013/01/02 11:50:27 | 000,110,298 | ---- | C] () -- C:\Users\Fränz\Desktop\736011_504370986264197_1610935081_o.jpg
[2012/12/31 17:57:26 | 001,494,054 | ---- | C] () -- C:\Users\Fränz\Desktop\Desktop-Hintergrund.bmp
[2012/12/31 17:43:54 | 000,029,964 | ---- | C] () -- C:\Users\Fränz\Desktop\b2-l_p_457378_2_frittenbudebildermitkatzevideoaudiolithbratze.jpg
[2012/12/31 15:33:01 | 000,144,059 | ---- | C] () -- C:\Users\Fränz\Desktop\399286_510607585646210_1644454261_n.jpg
[2012/12/30 23:15:57 | 000,038,450 | ---- | C] () -- C:\Users\Fränz\Desktop\534685_478544048856585_1245799438_n.jpg
[2012/12/30 21:25:45 | 000,157,436 | ---- | C] () -- C:\Users\Fränz\Desktop\736363_526210054064014_461172559_o.jpg
[2012/12/30 13:20:18 | 014,585,520 | ---- | C] () -- C:\Users\Fränz\Desktop\Jung von MattLimmat Pro Infirmis Kommen Sie näher.avi
[2012/12/30 13:16:12 | 031,314,882 | ---- | C] () -- C:\Users\Fränz\Desktop\What if money was no object.avi
[2012/12/29 20:48:20 | 000,029,156 | ---- | C] () -- C:\Users\Fränz\Desktop\531232_574480222569243_2097776549_n.jpg
[2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/12/08 22:15:00 | 000,000,173 | ---- | C] () -- C:\Users\Fränz\AppData\Local\msmathematics.qat.Fränz
[2012/11/29 21:23:09 | 000,007,605 | ---- | C] () -- C:\Users\Fränz\AppData\Local\Resmon.ResmonCfg
[2012/11/25 15:46:48 | 000,000,076 | ---- | C] () -- C:\Users\Fränz\AppData\Roaming\AVSDVDPlayer.m3u
[2012/11/25 13:27:02 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/11/25 13:27:02 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/11/16 21:33:41 | 000,233,464 | ---- | C] () -- C:\Windows\hpoins47.dat
[2012/11/10 13:41:38 | 000,000,492 | ---- | C] () -- C:\Windows\wininit.ini
[2012/11/06 23:29:02 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/11 12:16:39 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/04/11 12:16:38 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/04/11 12:16:38 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/04/11 12:16:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/04/11 12:16:36 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---

Geändert von Honkyy (26.01.2013 um 14:52 Uhr)

Alt 26.01.2013, 15:09   #2
Honkyy
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



txtOTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 26/01/2013 14:54:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Fränz\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
 
3,86 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 36,10% Memory free
7,71 Gb Paging File | 4,27 Gb Available in Paging File | 55,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 339,23 Gb Total Space | 240,27 Gb Free Space | 70,83% Space Free | Partition Type: NTFS
Drive D: | 339,77 Gb Total Space | 249,24 Gb Free Space | 73,36% Space Free | Partition Type: NTFS
Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1,88 Gb Total Space | 0,18 Gb Free Space | 9,73% Space Free | Partition Type: FAT
 
Computer Name: FRÄNZ-LAPTOP | User Name: Fränz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038E3ABD-04E4-41C4-8891-93E24CED32F1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{13F62AA0-F121-46F7-B9D6-5966215DC42C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{40FF34B9-17A2-4371-8AB7-9AC0C6AADF0C}" = rport=139 | protocol=6 | dir=out | app=system | 
"{41D527B9-7A8E-4CFD-9DA4-75C78FD51C92}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6151A846-CBD7-4CF8-BE0C-63E38544136F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6A89703C-A4F3-48B3-A788-906EE0F8D5A0}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6AB7029D-6083-46AD-B974-99FD680100D9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{6FD2DDCE-75A7-4DA8-ABED-224C5D3D0483}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{71CE10FB-64BA-478B-B0E4-AD16BD02674F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7D0B483F-6605-4F55-889D-7A1394A251FE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7E8DB3FD-FF9B-4D46-8A12-88D58D6958CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8BAECC72-3A48-4335-ACBD-CEAA37782DBA}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{91D165CE-598B-4496-8CEB-4BC5855CAD59}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{9CF4288E-56FF-4C5D-BDCE-0DCC758D68BC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9D828DF8-A07F-43DE-9D99-7E2BD9EE0753}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A3ED6A6B-307F-4F2A-87B3-A817E2B753DF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B44191DB-CD32-469C-B73E-C95BAABBF867}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{CD2CE992-097A-42FB-B086-11C56121BAD1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CE1CA6BB-EA43-4443-B4E0-6EF98FCEFC95}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D06C8218-9EBB-43C3-A564-B8AB37D2964D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D35A0D73-4BD3-435E-A965-46253CE5DE43}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E73D2B85-A333-470D-B7B5-55D2E444BCEE}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E9713DBA-C11D-4853-8793-B178837D6E4A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F03B0FFF-EE6D-4C66-A607-C5DEAF5DD724}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F4D645D5-4052-43EB-80DD-CFBDFD60CE9C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02EEDB99-8F9C-4973-832B-31D359257C69}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{048C5CFE-0A72-4E17-BB3F-F29908A8D04C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{08A21B9D-DCC9-4AC7-A994-98360FADD8AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{08A8DA8C-0332-4C65-A46E-F51C5E115653}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{10256B99-2A98-40EC-B0B3-01E990F3FFC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{10C403E4-DBB1-42D1-BCE2-0C284A0D3457}" = protocol=17 | dir=in | app=j:\alte externe\backup\d\spiele\assassin's creed\assassinscreed_launcher.exe | 
"{114551EB-3860-4FC5-A077-64BDFB1D87B7}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | 
"{15184FB8-2410-45A5-BAE2-FE70D424FEC5}" = protocol=6 | dir=in | app=j:\alte externe\backup\d\spiele\battlefield\bf2.exe | 
"{172F302F-6BB5-4F80-8B75-ABE8ED5F5EBE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{1B0BA120-018C-4EC5-9B9D-D38BD6596C5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1C27FE63-F7ED-4A73-A51C-C96A77B6FB09}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{1CD52509-18C0-473D-AC43-15C66C822161}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{204C0950-4FD6-4B67-9F6A-04AFFC8A1E5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2252BA1D-931A-40CC-B703-32AA8D72C579}" = protocol=17 | dir=in | app=j:\alte externe\backup\d\spiele\battlefield\bf2.exe | 
"{262C477B-700A-4560-B189-7340C606BBD7}" = protocol=6 | dir=in | app=j:\alte externe\backup\d\spiele\assassin's creed\assassinscreed_dx9.exe | 
"{2B69B3B3-D93C-44FD-BE20-703791EC6A9D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{2BC8283E-E0E0-438C-92F0-5DBCEE1DE189}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{2ECB7AED-B9F3-4EC0-BB5F-4BA6CDCC046B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{316A2AAA-D8AA-48FA-8869-B66BD5B5D8E8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{33C84FA5-1DF1-4C45-91B6-DB153011B51C}" = protocol=6 | dir=in | app=j:\alte externe\backup\d\spiele\assassinscreed_launcher.exe | 
"{36A1229F-7AB2-4114-8C54-731F915CD595}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{3734A46C-7A17-4A8E-92F9-FEF032932C79}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{38B4EDCA-8F64-4B4E-A1D9-6233C6F164A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{443E1B1E-7779-40AA-BDEA-E0A18B632CBA}" = protocol=17 | dir=in | app=j:\alte externe\backup\d\spiele\assassin's creed\assassinscreed_dx10.exe | 
"{4692CDFE-E7E2-45B9-9B8F-1535D0963674}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{4FB1F1C9-B7D3-4232-BF59-C9CB96FEA490}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{55BF2FD3-9BE7-4EB7-876B-33A7F27EA605}" = protocol=6 | dir=in | app=j:\alte externe\backup\d\spiele\assassin's creed\assassinscreed_launcher.exe | 
"{578DDDE9-F283-4C04-9E95-A6EDEBE29E2E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5A3E9783-3759-4327-B369-10B44849A84A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5B3247F9-E43F-4155-A5EA-08A2CE687E76}" = protocol=17 | dir=in | app=j:\alte externe\backup\d\spiele\assassinscreed_dx9.exe | 
"{5EA0913D-B86F-447D-A3F3-4E445307EC17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{600F1A0B-B20E-4833-8962-CC902F9C7805}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{626363CA-3E4F-40B1-A1EA-637CE69C5358}" = protocol=17 | dir=in | app=j:\alte externe\backup\d\spiele\assassin's creed\assassinscreed_dx9.exe | 
"{6700F979-C2FF-486B-BC7B-19B26ADE10B3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{7244534D-8114-49B7-B60D-839DA91B63E5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{77997B08-95B2-4702-ACDC-E87662B764C8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{782B2B49-5AED-4EFA-9DD4-8963AAE6BA71}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{78FE9F1F-8865-46A7-96E1-67D062AED54C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{7911A222-B875-4FE1-8EDF-FC1B92E6A86E}" = protocol=17 | dir=in | app=c:\users\fränz\appdata\roaming\dropbox\bin\dropbox.exe | 
"{7E13F391-C30B-45B8-AC9B-5400F3385350}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{810043D6-F4C2-41AE-8991-8C8C2F63325F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{832796E6-238F-4463-87F1-53CB57F7A7CF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{836455FB-71AA-4B22-AB15-742322B29A5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{8C038B51-87A2-4CF8-8BF2-D5F6CC595594}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8C4344AB-25EC-4E19-AEE1-01B7EAEAC746}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{8C543BBA-0458-44C9-BB5A-CEF3C6D99BD8}" = protocol=17 | dir=in | app=j:\alte externe\backup\d\spiele\assassinscreed_dx10.exe | 
"{8E3D5808-3825-4476-BED3-C72801F94911}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | 
"{8F80434B-6F95-447A-B5AF-D33AD4E6D406}" = protocol=6 | dir=in | app=j:\alte externe\backup\d\spiele\assassinscreed_dx10.exe | 
"{8FD39319-DC3A-4E45-9C7B-854F9D7730B9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9113FD05-4CDB-4F83-A271-62F9C338AC3B}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{96A38791-8110-4437-A8A1-A0D061DC1425}" = protocol=6 | dir=in | app=j:\alte externe\backup\d\spiele\assassinscreed_dx9.exe | 
"{99AE3D97-B0A1-4846-903A-AF6B81DB9137}" = dir=in | app=e:\setup\hpznui40.exe | 
"{9FF3218E-D1D5-405D-898C-B9DDAF11741D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{ABCF36A5-B940-4166-BF57-4700D9D18EDD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{AFF59CBC-8DC5-40D1-AF08-CC9708941762}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B576AD29-840B-471C-B5A0-B827ED37284A}" = protocol=6 | dir=in | app=j:\alte externe\backup\d\spiele\assassin's creed\assassinscreed_dx10.exe | 
"{B8E495D7-BB85-4273-BB10-82EB1DE1B469}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B915740D-9C13-47EA-98A0-22C54C1F3A41}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{BF0DDC03-EE8C-44A1-8E51-802B8229C4B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{BF16F7D2-A786-459C-B80F-944FD3A9A76C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{C46718BC-14A7-4E56-BE52-E0415001D03B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C6998F8B-2B61-4FC3-83D8-0E23DE28FF0C}" = protocol=17 | dir=in | app=j:\alte externe\backup\d\spiele\assassinscreed_launcher.exe | 
"{C7676565-64C4-4438-BD6F-BE3ED46C7DFB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C9FB95FB-E1E7-460C-BB7F-970F3927398C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{CB99FA27-6F0F-477C-8C38-2490D5C9FA91}" = protocol=6 | dir=in | app=c:\users\fränz\appdata\roaming\dropbox\bin\dropbox.exe | 
"{D21C95C0-99A0-49C2-BE5E-E2592D00D3FD}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 
"{D7231363-F63A-43F1-8595-514113DF308B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{E0307D0B-A39F-4184-9E6D-CEF5DA9F0DA7}" = protocol=6 | dir=out | app=system | 
"{E0EBEBB6-1AF5-4FBB-81FC-37D17BDDE045}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{F71A3D1C-B9B7-4108-9176-E00D26635AED}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{FCC96082-50E9-4A2D-8C1F-37990580179B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{36922FEC-F06C-4333-AFD9-A62C7A9A6D2E}C:\users\fränz\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\fränz\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{6BF97A51-48D7-48CE-849E-53761C57BE93}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{85B7FD52-234F-40FC-B45D-1DEF901D4D20}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{A9B70AD4-847B-4A1D-9EB7-242C24DE8F28}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{C4B9D940-ADE7-435A-95BB-F1BB644BB62C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{F0C7B370-2AAB-4CED-B51B-C46D7CAFDF03}C:\users\fränz\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\fränz\appdata\roaming\dropbox\bin\dropbox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi-Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DE02B016-E096-437F-8D96-853BB36011D5}" = Solid Edge ST4
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-bit)
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CNXT_AUDIO_HDA" = Conexant HD Audio
"doPDF 6  printer_is1" = doPDF 6.1  printer
"Elantech" = ETDWare PS/2-X64 8.0.6.3_WHQL
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PDF-XChange 3_is1" = PDF-XChange 3
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{03D57353-071B-4D21-982A-CC35C962A7C4}" = Mindjet MindManager 2012
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{32A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security Suite
"Norton PC Checkup_is1" = Norton PC Checkup
"Notepad++" = Notepad++
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"VLC media player" = VLC media player 2.0.5
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WTA-0fdd1138-7e2a-41a4-b90e-94eb020aadf6" = Penguins!
"WTA-1a326fbf-ffb9-4194-b92a-5eb7fa3caa60" = Torchlight
"WTA-1f0f75a9-2a53-4b4f-a4d0-c137b189a0e0" = Agatha Christie - Death on the Nile
"WTA-201d21d1-5f5f-4955-8f02-143cfce66264" = John Deere Drive Green
"WTA-2e9266c5-7296-4c32-8dbe-214bd571507e" = FATE
"WTA-308ef768-e410-416a-a2c6-4d163244fb1c" = Chuzzle Deluxe
"WTA-38776054-e606-4678-99ca-3c94831be8f4" = Zuma Deluxe
"WTA-49d98cec-f35b-4b90-bc16-f6eeff002174" = Wedding Dash
"WTA-514547fc-9f9b-4b14-a402-ef016e3e2c05" = Mystery of Mortlake Mansion
"WTA-53cdc961-da93-413f-b227-c4dbe0f65118" = Insaniquarium Deluxe
"WTA-806430f0-d969-4df0-af2d-0f07582c70ba" = Polar Bowler
"WTA-8f348e0c-d05c-4354-af2d-e99fd84f4b18" = Jewel Quest Solitaire
"WTA-c154bbb8-50f6-4c89-a41e-27812f4b7af3" = Slingo Deluxe
"WTA-cf19a6f3-d50d-4e77-b6ce-4cc8bbcc329e" = Jewel Match 3
"WTA-d7fcd67b-9988-4527-afd1-84f9920e6651" = Plants vs. Zombies - Game of the Year
"WTA-d80b99dd-75ad-4caf-9ecf-18b48cbc820d" = Final Drive: Nitro
"WTA-dfc737f7-6efa-4b46-8355-6ab43a8d1bbd" = Bejeweled 2 Deluxe
"WTA-f6e0301a-7416-45ae-9668-c967660733ab" = Crazy Chicken Kart 2
"WTA-ff0a2bff-545d-4420-bd45-37f3e469d0a9" = Virtual Villagers 4 - The Tree of Life
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13/11/2012 14:14:31 | Computer Name = Fränz-Laptop | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 14/11/2012 03:11:40 | Computer Name = Fränz-Laptop | Source = McLogEvent | ID = 5004
Description = 
 
Error - 14/11/2012 03:11:43 | Computer Name = Fränz-Laptop | Source = WinMgmt | ID = 10
Description = 
 
Error - 14/11/2012 06:44:14 | Computer Name = Fränz-Laptop | Source = McLogEvent | ID = 5004
Description = 
 
Error - 14/11/2012 06:44:15 | Computer Name = Fränz-Laptop | Source = WinMgmt | ID = 10
Description = 
 
Error - 14/11/2012 09:35:31 | Computer Name = Fränz-Laptop | Source = McLogEvent | ID = 5004
Description = 
 
Error - 14/11/2012 09:35:33 | Computer Name = Fränz-Laptop | Source = WinMgmt | ID = 10
Description = 
 
Error - 14/11/2012 09:49:27 | Computer Name = Fränz-Laptop | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 14/11/2012 16:24:25 | Computer Name = Fränz-Laptop | Source = WinMgmt | ID = 10
Description = 
 
Error - 14/11/2012 16:35:58 | Computer Name = Fränz-Laptop | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 21/01/2013 06:00:50 | Computer Name = Fränz-Laptop | Source = WMPNetworkSvc | ID = 866333
Description = 
 
Error - 21/01/2013 06:46:30 | Computer Name = Fränz-Laptop | Source = WMPNetworkSvc | ID = 866333
Description = 
 
Error - 21/01/2013 06:55:02 | Computer Name = Fränz-Laptop | Source = WMPNetworkSvc | ID = 866333
Description = 
 
Error - 21/01/2013 08:56:58 | Computer Name = Fränz-Laptop | Source = WMPNetworkSvc | ID = 866333
Description = 
 
Error - 21/01/2013 11:48:35 | Computer Name = Fränz-Laptop | Source = WMPNetworkSvc | ID = 866333
Description = 
 
Error - 21/01/2013 15:04:22 | Computer Name = Fränz-Laptop | Source = WMPNetworkSvc | ID = 866333
Description = 
 
Error - 21/01/2013 15:04:22 | Computer Name = Fränz-Laptop | Source = WMPNetworkSvc | ID = 866333
Description = 
 
Error - 22/01/2013 04:21:09 | Computer Name = Fränz-Laptop | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
Error - 22/01/2013 05:10:32 | Computer Name = Fränz-Laptop | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
Error - 22/01/2013 09:38:39 | Computer Name = Fränz-Laptop | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
 
< End of report >
         
--- --- ---
__________________


Alt 28.01.2013, 13:43   #3
t'john
/// Helfer-Team
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7





Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 3 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern melde dies bitte.

1. Schritt

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
  • Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.


Code:
ATTFilter
:OTL

O4 - HKLM..\Run: [] File not found 
[2013/01/26 14:58:47 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad 
[2013/01/26 10:29:42 | 000,002,915 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js 
[2013/01/26 10:29:42 | 000,000,159 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.reg 
[2013/01/26 10:29:42 | 000,000,067 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.bat 

:Files 
C:\ProgramData\*.exe
C:\ProgramData\*.dll
C:\ProgramData\*.tmp
C:\ProgramData\TEMP
C:\Users\Fränz\*.tmp
C:\Users\Fränz\AppData\Local\Temp\*.exe
C:\Users\Fränz\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup unctf.lnk
ipconfig /flushdns /c
:Commands
[emptytemp]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!



2. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

3. Schritt
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
__________________

Alt 26.03.2013, 04:40   #4
t'john
/// Helfer-Team
 
GVU Trojaner WIN 7 - Standard

GVU Trojaner WIN 7



Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu GVU Trojaner WIN 7
acer, amd, antivir, appdata, bingbar, blue, bytes, datei, dateien, ergebnis, free, home, infizierte, internet, java, microsoft, msn deutschland, namen, nvpciflt.sys, plug-in, programm, registry, roaming, suche, trojaner, warnung, wildtangent games, win, windows, wscript.exe



Zum Thema GVU Trojaner WIN 7 - Hallo! Leider hat mich heute der GVU Trojaner erwischt. Für Eure Hilfe bin ich dankbar! Ich habe Antivir durchlaufen lassen. Hier das Ergebnis: Avira Free Antivirus Erstellungsdatum der Reportdatei: 26 - GVU Trojaner WIN 7...
Archiv
Du betrachtest: GVU Trojaner WIN 7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.