Danke für Antworten:
Hier scan 1:
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 29.11.2012 20:27:40 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\svenja\Desktop\virenhilfe
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,69 Gb Available Physical Memory | 34,45% Memory free
4,23 Gb Paging File | 2,29 Gb Available in Paging File | 54,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145,29 Gb Total Space | 5,31 Gb Free Space | 3,65% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 778,58 Gb Free Space | 83,58% Space Free | Partition Type: NTFS
Drive E: | 27,95 Gb Total Space | 5,33 Gb Free Space | 19,08% Space Free | Partition Type: NTFS
Drive G: | 144,99 Gb Total Space | 140,83 Gb Free Space | 97,13% Space Free | Partition Type: NTFS
Drive M: | 2,92 Gb Total Space | 2,52 Gb Free Space | 86,43% Space Free | Partition Type: FAT32
Drive Z: | 25,03 Gb Total Space | 14,32 Gb Free Space | 57,22% Space Free | Partition Type: NTFS
Computer Name: MARCUS-PC | User Name: svenja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08536DB8-EFED-45FC-A02D-20D09B949555}" = rport=10243 | protocol=6 | dir=out | app=system |
"{191BB97F-1F56-4302-8D2F-3B367B608119}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{1DCBD641-858F-4603-B93D-A9F5204347F6}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{22C35255-67E8-4037-B35D-72F42021A19A}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{2390C695-3DD2-4CD6-8D3D-38C9C9ECC31C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{29246363-80F1-4A68-94B8-F6DDD0600C62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{334ADE6D-0B4B-4CA6-927D-C0875B5DE836}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{384A093F-59C4-453C-968F-E1A4A7BB1C83}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3A9AC520-A1D5-491A-BAE0-F0B88B668AB9}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3DCD8C5E-C23E-41E3-B567-BBDDBE8E5A91}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3FE8540D-C2F9-48DB-B46B-1690002C5B37}" = lport=10243 | protocol=6 | dir=in | app=system |
"{40E1EC9F-DEA8-4E85-8CEA-892AD04771A3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{43BC1D76-0FAC-43B8-8A5E-9D985D01339B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{43E5BB7A-C55F-48AB-97C9-7CD85F07A31C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{46F269EE-0BF1-4644-86A9-D325FCF37A95}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4B6B3829-8D09-44AF-8B0C-43F89E277111}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{4B885776-394B-4A1A-ADDA-96067DEBE98B}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{54AA5A65-ADAB-4553-A6F8-536BBBA14D9A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{565C2363-A69C-4102-A224-7E8BD36682C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{57945A54-5362-4D98-8181-20A4376D1247}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5C91E23E-5326-4485-B954-B9C471DED6C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6285F966-5ED7-4919-982F-9F7A573ED802}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 |
"{6528A8A2-4D81-45B9-BDC8-2B72E391ED6F}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{69FC29EA-24F4-48BF-8533-9A014DBD598F}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{741955B4-6B1A-463E-B261-DB5E93E8276A}" = lport=443 | protocol=6 | dir=in | app=system |
"{76AC1EB3-724D-4DA0-B360-090ADB3D2F97}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8136E266-2D2D-47D6-A457-F913F520C574}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81835120-A9BD-461F-B2A9-781FD117E559}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A458A880-10FD-4893-A16F-A7AF9CEB4108}" = lport=5985 | protocol=6 | dir=in | app=system |
"{C3A2E10C-5D20-4B8F-814C-86CC21520AF3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9B0CF4E-5CEB-49F0-B52D-4F4D42DF64E6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CBB6088A-8297-4547-8A5E-62557784CF49}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{CFE48CEE-C95B-4DBA-9E2E-01785C15AC96}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D25D804E-FFA0-4920-B789-13861689A469}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E56221CD-17AA-47A8-97AA-40F0EB075EBC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E7359FD8-A8B6-44B5-949D-BCB013CE232F}" = rport=2869 | protocol=6 | dir=out | app=system |
"{E76F592E-28E6-4A07-8658-F2C1E52F32C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E8897DD6-4D48-4222-97F3-098502F787C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F09076C6-CBF9-4908-860E-772FE1B34D12}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1CD9DB8-B8D0-4C40-B439-18594050264D}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F3A65183-3796-42B9-9F03-87558B8F86A1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD6F36EF-1A1C-43AF-9B57-3257F8009D50}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002D24B5-D761-445A-86AD-CFF9C1577FD8}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{03BA453A-8F85-42AF-8113-23B9E2FD1BEF}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{05CEF03D-6CB1-4D47-B1F0-6874FEB9A097}" = protocol=6 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe |
"{07F49A33-EA1F-4424-A7F8-E5B4EB0481C4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{081E0BEB-BD98-4702-9B9F-93B9EBAA2052}" = protocol=6 | dir=in | app=c:\vom netz\sweetimsetup.exe |
"{10BF542E-1571-4394-9BE1-64929CF01EB9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{129F1FA4-CE62-4BB9-8833-E11C0E448088}" = protocol=17 | dir=in | app=c:\users\svenja\appdata\roaming\dropbox\bin\dropbox.exe |
"{19C6FEFD-684E-42CC-AFDE-029F9F4B0C21}" = dir=in | app=c:\program files\plex\plex media server\plexscripthost.exe |
"{1C0EB877-E24E-4010-BDF4-B1599AD213D3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1F55E9D4-661C-4404-89A0-96008016FE47}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20375182-38E6-4E1C-A8C4-41E9A7B6F62E}" = protocol=6 | dir=out | app=system |
"{215F590F-5B1C-44DA-AD46-14CE87540024}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24CFB005-DEE4-46B5-B4EA-03F3FE9C556C}" = protocol=6 | dir=in | app=c:\users\svenja\appdata\local\temp\~osaca.tmp\rlvknlg.exe |
"{2578E8DE-CFA9-4F3E-A060-16538F446660}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{2687DDAD-A6E2-494A-8F21-099AE7264283}" = protocol=6 | dir=in | app=c:\users\svenja\appdata\local\temp\~os385f.tmp\rlvknlg.exe |
"{28494D01-0BE9-4C6F-B7EE-61F2616971F9}" = protocol=17 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe |
"{297E8973-1203-40AC-B77F-6655DE8DC8FC}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{2C90699A-3B6A-4223-A8ED-B64F3A95EB74}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{399E14E9-4A2E-4B68-B4E0-C5DA43E8B0C3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3AFE02E1-51D4-426D-A426-DCE103C2ACFF}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{3BC41F96-35EF-48D7-8681-3A7F67D7CD0E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{3D7669BE-0E24-48F3-A1E8-68FE15C11F6E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{448C884D-9C3B-4D1F-B56F-A01ABC6A4934}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{47BBE321-0746-4C60-A168-017F9CA2BDAC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{47C19629-6E36-49A3-B09D-2EF7784C7155}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{492F6C7B-A171-4F4B-8831-349990E6AE1E}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{4ACBDF40-A39E-486B-9B4A-DB81F0837F11}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{5226AFB9-6699-4D4B-97F9-FC5F59FE1FD3}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{54EBCB13-0808-4BC1-ADCF-DF1D5A5B46A5}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{5A70F94A-105D-40C2-97DE-85A806218C38}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{5D91FFF9-DB47-4DD0-AACE-E2DFD92F105D}" = dir=in | app=c:\program files\plex\plex media server\plex media server.exe |
"{5DD3E674-A2E7-4906-B5D5-8ED6F33931F4}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{5ED25AF0-5BFE-433B-A303-F847DFE9951A}" = protocol=17 | dir=in | app=c:\users\svenja\desktop\utorrent3.0.25824.exe |
"{5FD03B99-5C2B-48C0-99E5-53289EF351DE}" = dir=in | app=c:\users\svenja\appdata\local\temp\7zs1335\ojprol7x00_full_14\setup\hpznui01.exe |
"{6C189DA3-07B1-4E47-AE3E-267C62FE2082}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{729513A1-F720-40D4-A283-547EEBCA323D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{75D77709-406A-4759-AA18-FA7876E8DC8F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{7835158C-35B9-4F64-BCC9-D826A19CCE84}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7D9C011D-A8A8-47B1-8530-5B6C5393ADD1}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{7E3C3CBF-1760-4AF2-89B5-D46448613695}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{7E82C38B-DFF1-4FA7-A2F2-06BC80F07D01}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{7EBF7B25-1A03-4C75-97DD-2041A3DF2E0C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{83894BCD-1D1F-4659-9E8C-DDD892D2826E}" = protocol=6 | dir=in | app=c:\users\svenja\appdata\local\temp\~osf5f3.tmp\rlvknlg.exe |
"{89BA6C3D-FFFB-4C9F-9855-AB259D4C0900}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{95C11D56-245E-4D5E-B00D-E986C8DCAF98}" = protocol=6 | dir=out | app=system |
"{96BAA83E-5001-4FDD-846A-95CA2488B61E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9BD233D5-0E5F-448D-8B0B-763AE368F591}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{9D1BB89D-E0CA-44A6-ACD3-BCAA544A5016}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9D56C2EC-B20D-47AF-A9BA-EA5E616973FA}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{9E275455-F0CE-4B8C-BF56-8D7B5944B7AB}" = protocol=6 | dir=out | app=system |
"{9E4455D6-E512-4864-92DD-C362ADC62AED}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{9E6F4C3F-8D81-43E4-A83E-F376EE5C393C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{A2EE3311-10E7-4BEB-8803-74805BDD7F89}" = protocol=6 | dir=in | app=c:\users\svenja\appdata\roaming\dropbox\bin\dropbox.exe |
"{A4F37CAD-FA8D-4816-A6E7-7073E2ABE428}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AA5C34BA-43DD-4EA0-A8DA-21055319EF68}" = dir=in | app=c:\program files\airport\apagent.exe |
"{B5341F01-70D9-4527-A104-63251064149F}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B6F3C0AC-80E2-464A-B2F0-7A4DA41C5D04}" = protocol=6 | dir=in | app=c:\users\svenja\appdata\local\temp\~os32a1.tmp\rlvknlg.exe |
"{B79CED2B-4466-4EA4-A927-C2DBE5FDCD96}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{B994362C-93CC-4823-A85C-269A0ECCCDA5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BD1A823F-1118-4A5A-8C4E-54B985E84861}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{BEE84946-E708-4387-AAE5-FBB10A5DE5A4}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{C834180D-9562-4073-A8BB-3002443B98E0}" = protocol=6 | dir=in | app=c:\users\svenja\appdata\local\temp\~os282b.tmp\rlvknlg.exe |
"{CA307F78-2C9A-45B3-AD66-75FC79FEE0BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CCC29103-CC88-4AB7-B5D4-3E1BC646C809}" = protocol=6 | dir=in | app=c:\users\svenja\desktop\utorrent3.0.25824.exe |
"{D016C6B1-7A70-444B-A599-652AEB61E077}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D2B293E2-6212-4685-AD85-B3EECFC415F8}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{D3CDD78D-61B8-44FB-8B96-ECBC88B50208}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{D6B22163-F749-47E0-AE1E-172E3CA51CC9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D7EE14DE-CE0F-4D76-8F10-E5465267D7E8}" = dir=in | app=c:\program files\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{D8BC3EA4-7995-421E-BB93-319CD5EB069C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{D97F3316-AACF-4A99-88D3-ED0297730B7B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD4E7253-FFE7-4555-8C13-E208E30BC35E}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{E0005122-201E-434F-938F-666A6E9AE903}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{E35EA6ED-BC30-42EA-864E-79F98B2224E3}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E5CD996F-3374-4D72-9033-3BD7B031782F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E614E50E-1319-47F9-AC9D-DD517481AA3B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7BCE766-BB13-45B8-B5A8-D8774285AAC4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E8D1A4BF-5849-4828-8681-7B98B29D36FC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EF4B5ECA-7D4D-4F7B-A177-D0FD682F2085}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{F7C177A1-C38D-4224-9015-089B73C12D61}" = protocol=17 | dir=in | app=c:\vom netz\sweetimsetup.exe |
"{F853CED2-FB7B-4B50-B6D1-F7901F8508DF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{FF70698A-0B01-4295-B445-36400EB2E276}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{8835CF19-2F44-4A1E-AA7C-E8EB5735BA13}C:\program files\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files\runes of magic\client.exe |
"UDP Query User{C3AFAD26-3FCB-4D31-97B0-A574B39C8029}C:\program files\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files\runes of magic\client.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01358C56-44F4-B8B3-8757-06F2A864A863}" = ATI Catalyst Install Manager
"{048DDE77-66D5-4335-8497-903856759B58}" = BPDSoftware
"{04DB9640-A905-456C-96F5-F1EB80FEB5C9}" = ProductContext
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05DC79C6-4213-45D3-BE8A-50B8B7C1F0E1}" = bpd_scan_Carrier
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{15fba87b-db4b-4c93-a984-ac188ea4b530}" = Nero MediaHome 4 Essentials
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{24F419C0-0A9A-47A3-9716-97ADDE5A37FA}" = OTClient93
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2E542A61-BE29-5305-219B-08EE4860C238}" = SignageStudio
"{32054443-8E78-423A-8335-D590F40DD5E9}" = Plex Media Server
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40184457-4514-4B18-84A8-6BB8A3AB6A81}" = AirPort
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EF35707-7052-4331-B8FD-549DB3922AD7}" = TMPGEnc DVD Author 3 with DivX Authoring
"{57573545-74EB-46D2-B362-AA05364E4ED8}" = LogMeIn
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69fc3b9a-4149-43db-a557-6ed0c8d8ba44}" = Nero MediaHome 4 Help
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{6D6DC23A-D4EE-4869-94C0-72D9EE288885}" = YouSendIt Desktop App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7125B6E7-2BC8-4AE6-94FA-30F0C655CBC1}" = OTClient91
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC68433-5837-4075-B81F-EA7E4F14CE60}" = iCloud
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{9615E45B-7670-4D17-9ED5-28B9E936EEDD}" = 7500_7600_7700_Help1
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{99ef387e-633e-4cfb-bfa3-ab961b685ddf}" = Nero MediaHome 4
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D6C64CC-EA60-47A6-9C97-82C38231EDAE}" = HP OfficeJet L7300/L7500/7600/7700
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5A4C902-1636-48DB-8E38-F0DB102DDB59}" = MPM
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD312050-9D98-4F71-ADCD-25EC037C05FD}" = StarMoney
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C4CC491B-5E85-4E96-8911-DF425893DF4A}" = L7500
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D24DDB61-8868-46CF-BC36-BECC1674F0C1}" = Creative ZEN
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EC899917-C880-1017-8CB7-B932BD009007}" = DNE Update
"{ED3D79A6-B3BB-4482-B226-0B620F97258A}" = BPDSoftware_Ini
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8A9F4D7-4EC8-4E28-9B01-4CF74C812BF2}" = StarMoney
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC338210-F594-11D3-BA24-00001C3AB4DF}" = cyberJack Base Components
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyDVD" = AnyDVD
"Ashampoo Undeleter_is1" = Ashampoo Undeleter v.1.00
"AudibleManager" = AudibleManager
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"bi_uninstaller" = PDFCreator Uninstaller
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DD4F47DF-6540-4BDA-BEAD-2B19250B0C48_is1" = FLAC to MP3 Converter 6.1.2
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DVDx_is1" = DVDx
"E.M. DVD Copy_is1" = E.M. DVD Copy 2.51
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"FileZilla Client" = FileZilla Client 3.2.7.1
"Fotosizer" = Fotosizer 1.29
"FTDICOMM" = SEMC DSS SyncStation Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"iPhoneSMSExport" = iPhoneSMSExport
"MAGIX Filme für unterwegs 2 D" = MAGIX Filme für unterwegs 2 2.0.0.16 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"medbarri" = Favorit
"Mediencenter Software" = Mediencenter Assistent
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0 (x86 de)" = Mozilla Firefox 17.0 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"NBRTWizard" = Norton Bootable Recovery Tool Wizard
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"SignageStudio.86EE3EEE54D7DB049D16E358CDC443F088917621.1" = SignageStudio
"SysInfo" = Creative Systeminformationen
"uTorrent" = µTorrent
"VLC media player" = VLC media player 0.9.8a
"WePrint" = WePrint
"XMedia Recode" = XMedia Recode 3.0.6.0
"ZENcast Organizer" = ZENcast Organizer
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1101760962-3014260797-1857789441-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"JoinMe" = join.me
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1101760962-3014260797-1857789441-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ OSession Events ]
Error - 03.02.2011 12:59:07 | Computer Name = Marcus-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1664215
seconds with 3300 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.11.2012 13:17:03 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 13:23:11 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 13:28:46 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 13:34:51 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 13:41:20 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 13:47:21 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 13:53:10 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 13:58:47 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 14:04:57 | Computer Name = Marcus-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00064F6562DB zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%121. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 29.11.2012 14:30:09 | Computer Name = Marcus-PC | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 169.254.245.224 registriert werden. Der Computer mit IP-Adresse 169.254.1.1
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
< End of report >
--- --- ---
OLT Text
OTL Logfile: Code:
OTL logfile created on: 29.11.2012 20:27:40 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\svenja\Desktop\virenhilfe
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,69 Gb Available Physical Memory | 34,45% Memory free
4,23 Gb Paging File | 2,29 Gb Available in Paging File | 54,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145,29 Gb Total Space | 5,31 Gb Free Space | 3,65% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 778,58 Gb Free Space | 83,58% Space Free | Partition Type: NTFS
Drive E: | 27,95 Gb Total Space | 5,33 Gb Free Space | 19,08% Space Free | Partition Type: NTFS
Drive G: | 144,99 Gb Total Space | 140,83 Gb Free Space | 97,13% Space Free | Partition Type: NTFS
Drive M: | 2,92 Gb Total Space | 2,52 Gb Free Space | 86,43% Space Free | Partition Type: FAT32
Drive Z: | 25,03 Gb Total Space | 14,32 Gb Free Space | 57,22% Space Free | Partition Type: NTFS
Computer Name: MARCUS-PC | User Name: svenja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\svenja\Desktop\virenhilfe\OTL (1).exe (OldTimer Tools)
PRC - C:\Programme\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Programme\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Users\svenja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\OpenTable\Client_10_1\OTClient.exe (OpenTable)
PRC - C:\Programme\WePrint\WePrint Server.exe (EuroSmartz Ltd)
PRC - C:\Programme\Norton 360\Engine\6.4.0.9\ccsvchst.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\System32\cjpcsc.exe (REINER SCT)
PRC - C:\Programme\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe (Deutsche Telekom AG)
PRC - C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
PRC - C:\Programme\Memeo\AutoBackup\MemeoUpdater.exe (Memeo Inc.)
PRC - C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe (Memeo)
PRC - C:\Programme\Memeo\AutoBackup\InstantBackup.exe ()
PRC - C:\Programme\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Programme\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\MultiScreen\MultiScreen.exe ()
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\iashost.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\SysMonitor.exe ()
PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll ()
MOD - C:\Programme\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - C:\OpenTable\Client_10_1\ERBS.dll ()
MOD - C:\Windows\Downloaded Program Files\OTSI.ocx ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Memeo\AutoBackup\de-DE\InstantBackup.resources.dll ()
MOD - C:\Programme\Memeo\AutoBackup\Memeo.Client.UI.dll ()
MOD - C:\Programme\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll ()
MOD - C:\Programme\Memeo\AutoBackup\InstantBackup.exe ()
MOD - C:\Programme\DivX\DivX Plus Web Player\libxml2.dll ()
MOD - C:\Programme\Memeo\AutoBackup\sqlite3.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\MultiScreen\MultiScreen.exe ()
MOD - C:\Programme\MultiScreen\MGResGer.dll ()
MOD - C:\Programme\MultiScreen\MultiMon.dll ()
MOD - C:\Programme\MultiScreen\ServiceHook.dll ()
MOD - C:\Acer\Empowering Technology\SysMonitor.exe ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (LMIMaint) -- C:\Programme\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Programme\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe (Symantec Corporation)
SRV - (cjpcsc) -- C:\Windows\System32\cjpcsc.exe (REINER SCT)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (MCSWASVR) -- C:\Programme\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe (Deutsche Telekom AG)
SRV - (SeagateDashboardService) -- C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
SRV - (MemeoBackgroundService) -- C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe (Memeo)
SRV - (LogMeIn) -- C:\Programme\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (bgsvcgen) -- C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
SRV - (NeroMediaHomeService.4) -- C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (rvtnuun) -- C:\Windows\System32\drivers\lydajwmb.sys ()
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121106.001\BHDrvx86.sys (Symantec Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121129.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121129.003\NAVENG.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121128.001\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\N360\0604000.009\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\N360\0604000.009\srtspx.sys (Symantec Corporation)
DRV - (ccSet_N360) -- C:\Windows\System32\drivers\N360\0604000.009\ccsetx86.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\System32\drivers\N360\0604000.009\symefa.sys (Symantec Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\drivers\N360\0604000.009\symtdiv.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\System32\drivers\N360\0604000.009\ironx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\System32\drivers\N360\0604000.009\symds.sys (Symantec Corporation)
DRV - (cjusb) -- C:\Windows\System32\drivers\cjusb.sys (REINER SCT)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Programme\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (RTL85n86) -- C:\Windows\System32\drivers\RTL85n86.sys (Realtek Semiconductor Corporation )
DRV - (cdrbsdrv) -- C:\Windows\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (s0016unic) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.)
DRV - (bizVSerial) -- C:\Windows\System32\drivers\bizVSerialNT.sys (franson.biz)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTLUND) -- C:\Windows\System32\drivers\ftlund.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://otanywhere.opentable.de/login.aspx
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..\SearchScopes\{194C6A87-273C-4675-AFEC-CEED5412A375}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..\SearchScopes\{B7529384-941F-4339-A249-A18443C2B985}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://otanywhere.opentable.de/login.asp?dc=1&otaver=9828
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\SearchScopes,DefaultScope = {194C6A87-273C-4675-AFEC-CEED5412A375}
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\SearchScopes\{194C6A87-273C-4675-AFEC-CEED5412A375}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\SearchScopes\{B7529384-941F-4339-A249-A18443C2B985}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1101760962-3014260797-1857789441-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_131.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.8a: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\svenja\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\svenja\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012.08.05 15:48:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012.11.29 16:46:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.19 19:35:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.07 13:04:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.07 13:04:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.28 10:34:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.11.29 17:09:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.11.19 11:26:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.19 19:35:05 | 000,000,000 | ---D | M]
[2008.06.23 20:46:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\svenja\AppData\Roaming\mozilla\Extensions
[2012.11.28 21:16:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\svenja\AppData\Roaming\mozilla\Firefox\Profiles\ty77o4ho.default\extensions
[2010.06.12 19:38:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\svenja\AppData\Roaming\mozilla\Firefox\Profiles\ty77o4ho.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.15 08:56:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\svenja\AppData\Roaming\mozilla\Firefox\Profiles\ty77o4ho.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}-trash
[2012.11.15 11:08:56 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\svenja\AppData\Roaming\mozilla\Firefox\Profiles\ty77o4ho.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012.11.28 11:32:51 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\svenja\AppData\Roaming\mozilla\firefox\profiles\ty77o4ho.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.15 08:50:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.28 10:34:20 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://google.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\svenja\AppData\Local\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\svenja\AppData\Local\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\svenja\AppData\Local\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Perion plugin (Enabled) = C:\Users\svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: DivX HiQ = C:\Users\svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Norton Identity Protection = C:\Users\svenja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
O1 HOSTS File: ([2012.11.29 16:38:35 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\6.4.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [MultiScreen] C:\Programme\MultiScreen\MultiScreen.exe ()
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O4 - HKU\S-1-5-18..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1004..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1003..\RunOnce: [RUN] C:\Windows\Acer_Normal\run_DT.exe ()
O4 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1004..\RunOnce: [RUN] C:\Windows\Acer_Normal\run_DT.exe ()
O4 - Startup: C:\Users\svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\svenja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WePrint Server.lnk = C:\Programme\WePrint\WePrint Server.exe (EuroSmartz Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-1101760962-3014260797-1857789441-1000\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {A378EEF8-4E41-4BC4-8CBC-1ACB8686CC1D} https://otanywhere.opentable.de/download/PlugIn/OTSI.CAB (OTSysInfo Object)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{989AD318-57BC-47A0-961F-6C696470C3D7}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer01.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer01.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.15 05:53:50 | 000,000,027 | ---- | M] () - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2002.08.14 12:42:53 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a43d5708-9b6b-11dd-815e-001d92a603f0}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe BÜRO_1.vbs
O33 - MountPoints2\{ccf0b438-0b87-11e0-91f8-001d92a603f0}\Shell\AutoRun\command - "" = install.exe
O33 - MountPoints2\{ccf0b43f-0b87-11e0-91f8-001d92a603f0}\Shell\AutoRun\command - "" = install.exe
O33 - MountPoints2\{f0dd29ad-70db-11de-b6a2-001d92a603f0}\Shell - "" = AutoRun
O33 - MountPoints2\{f0dd29ad-70db-11de-b6a2-001d92a603f0}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{f0dd29cb-70db-11de-b6a2-001d92a603f0}\Shell - "" = AutoRun
O33 - MountPoints2\{f0dd29cb-70db-11de-b6a2-001d92a603f0}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.11.29 17:14:51 | 000,000,000 | ---D | C] -- C:\Users\svenja\Desktop\virenhilfe
[2012.11.29 16:36:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.28 20:55:29 | 016,363,448 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012.11.28 11:16:54 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.11.28 11:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012.11.28 10:56:25 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\Malwarebytes
[2012.11.28 10:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.28 10:56:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.28 10:56:01 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.11.28 10:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.11.28 10:44:25 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Local\Macromedia
[2012.11.22 11:08:03 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\SignageStudio.86EE3EEE54D7DB049D16E358CDC443F088917621.1
[2012.11.22 11:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\SignageStudio
[2012.11.22 11:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012.11.22 10:58:47 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\TeamViewer
[2012.11.22 08:30:53 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\OpenOffice.org
[2012.11.21 20:45:39 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.11.21 20:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012.11.21 11:38:09 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.11.19 11:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.11.19 11:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2012.11.19 11:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.11.19 11:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.11.19 11:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.11.19 11:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.11.15 12:29:48 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Local\join.me
[2012.11.15 09:04:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.11.15 09:04:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.11.15 09:04:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.11.15 09:04:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.11.15 09:04:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.11.15 09:04:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.11.15 09:04:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.11.15 09:04:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.11.15 08:49:07 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.15 08:48:29 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.15 08:43:22 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\pdfforge
[2012.11.09 10:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.11.09 10:13:32 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2012.11.09 10:13:31 | 000,086,528 | ---- | C] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll
[2012.11.09 10:13:30 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2012.11.09 10:13:30 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2012.11.09 10:13:29 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2012.11.09 10:13:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2012.11.09 10:13:29 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012.11.09 10:03:46 | 000,000,000 | ---D | C] -- C:\Users\svenja\Local Settings
[2012.11.09 10:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
[2012.11.09 10:01:21 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2012.11.09 10:01:21 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2012.11.09 10:01:21 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2012.11.08 11:18:57 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\convert
[2012.11.08 10:39:28 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.11.05 08:41:34 | 000,000,000 | ---D | C] -- C:\Users\svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPhoneSMSExport
[2012.11.05 08:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPhoneSMSExport
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.11.29 20:20:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1101760962-3014260797-1857789441-1000UA.job
[2012.11.29 19:55:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.29 19:53:19 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.29 19:20:10 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1101760962-3014260797-1857789441-1000Core.job
[2012.11.29 18:44:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 18:44:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 17:18:40 | 000,002,721 | ---- | M] () -- C:\Users\svenja\Desktop\Microsoft Outlook.lnk
[2012.11.29 17:16:29 | 000,000,099 | ---- | M] () -- C:\Users\svenja\Desktop\SignageStudioDebug.bat
[2012.11.29 17:09:08 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\lydajwmb.sys
[2012.11.29 16:51:10 | 000,628,524 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.29 16:51:10 | 000,595,818 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.29 16:51:10 | 000,103,892 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.29 16:51:09 | 000,126,074 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.29 16:45:13 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.29 16:44:25 | 000,326,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.29 16:44:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.29 16:43:23 | 2146,652,160 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.29 16:38:35 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.11.28 20:55:47 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.11.28 20:55:47 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.11.28 20:55:31 | 016,363,448 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012.11.28 17:15:09 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for svenja.job
[2012.11.28 12:25:05 | 000,002,090 | ---- | M] () -- C:\Users\svenja\Desktop\Google Chrome.lnk
[2012.11.22 11:07:54 | 000,000,849 | ---- | M] () -- C:\Users\Public\Desktop\SignageStudio.lnk
[2012.11.21 20:45:40 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.21 19:57:15 | 000,002,623 | ---- | M] () -- C:\Users\svenja\Desktop\Microsoft Word.lnk
[2012.11.19 11:26:25 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.19 11:17:59 | 000,001,711 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.17 21:55:06 | 000,427,829 | ---- | M] () -- C:\Users\svenja\silvestermailing2012.pdf
[2012.11.15 12:29:52 | 000,000,907 | ---- | M] () -- C:\Users\svenja\Desktop\join.me.lnk
[2012.11.15 08:51:09 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.09 10:13:39 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.11.09 08:19:02 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\OTLauncher.lnk
[2012.11.08 10:52:19 | 000,000,021 | ---- | M] () -- C:\Users\svenja\AppData\Local\mc.pixel.data
[2012.11.07 09:47:35 | 000,083,912 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2012.11.07 09:47:34 | 000,092,072 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll
[2012.11.07 09:47:34 | 000,031,144 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2012.11.05 08:41:45 | 000,000,905 | ---- | M] () -- C:\Users\svenja\Desktop\iPhone SMS Export.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.11.29 17:09:08 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\lydajwmb.sys
[2012.11.22 11:08:06 | 000,000,099 | ---- | C] () -- C:\Users\svenja\Desktop\SignageStudioDebug.bat
[2012.11.22 11:07:54 | 000,000,861 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SignageStudio.lnk
[2012.11.22 11:07:53 | 000,000,849 | ---- | C] () -- C:\Users\Public\Desktop\SignageStudio.lnk
[2012.11.21 20:45:40 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.21 11:38:12 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.17 21:55:06 | 000,427,829 | ---- | C] () -- C:\Users\svenja\silvestermailing2012.pdf
[2012.11.15 12:29:52 | 000,000,907 | ---- | C] () -- C:\Users\svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
[2012.11.15 12:29:50 | 000,000,907 | ---- | C] () -- C:\Users\svenja\Desktop\join.me.lnk
[2012.11.15 08:51:08 | 000,000,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.15 08:51:08 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.09 10:13:39 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.11.09 08:19:02 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\OTLauncher.lnk
[2012.11.05 08:41:44 | 000,000,905 | ---- | C] () -- C:\Users\svenja\Desktop\iPhone SMS Export.lnk
[2012.08.25 10:33:41 | 000,003,730 | ---- | C] () -- C:\Users\svenja\AppData\Roaming\wklnhst.dat
[2011.12.18 15:25:02 | 000,094,564 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.12.05 18:21:29 | 000,000,600 | ---- | C] () -- C:\Users\svenja\AppData\Local\PUTTY.RND
[2011.11.06 14:23:06 | 000,273,500 | ---- | C] () -- C:\Windows\hpwins05.dat
[2011.11.06 14:23:06 | 000,003,111 | ---- | C] () -- C:\Windows\hpwmdl05.dat
[2011.10.22 23:09:14 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.10.22 23:09:13 | 000,138,056 | ---- | C] () -- C:\Users\svenja\AppData\Roaming\PnkBstrK.sys
[2011.10.22 23:08:58 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.10.22 23:08:41 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.09.18 08:46:54 | 000,000,396 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2011.09.18 08:45:16 | 000,167,936 | ---- | C] () -- C:\Windows\System32\SerialXP.dll
[2011.09.18 08:45:16 | 000,027,648 | ---- | C] () -- C:\Windows\System32\win32com.dll
[2011.08.15 07:03:39 | 000,274,115 | ---- | C] () -- C:\Windows\hpwins05.dat.temp
[2011.08.15 06:59:15 | 000,000,725 | ---- | C] () -- C:\Windows\wsnk.ini
[2011.08.08 20:28:49 | 000,000,021 | ---- | C] () -- C:\Users\svenja\AppData\Local\mc.pixel.data
[2011.08.01 09:19:15 | 000,003,111 | ---- | C] () -- C:\Windows\hpwmdl05.dat.temp
[2011.05.04 07:35:40 | 000,000,680 | ---- | C] () -- C:\Users\svenja\AppData\Local\d3d9caps.dat
[2011.04.11 18:32:36 | 000,001,940 | ---- | C] () -- C:\Users\svenja\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.01.17 09:45:42 | 000,498,666 | ---- | C] () -- C:\Users\svenja\Basil 1.mp3
[2010.12.19 19:19:14 | 000,000,054 | ---- | C] () -- C:\Windows\System32\opentable.ini
[2009.06.25 19:49:47 | 000,000,092 | ---- | C] () -- C:\Users\svenja\AppData\Local\cuyyo.bat
[2009.06.02 09:47:50 | 000,024,206 | ---- | C] () -- C:\Users\svenja\AppData\Roaming\UserTile.png
[2009.01.14 18:55:39 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.09.21 12:12:15 | 000,015,872 | ---- | C] () -- C:\Users\svenja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.07.20 15:57:10 | 000,001,891 | ---- | C] () -- C:\Users\svenja\ZENcast Organizer.lnk
[2008.07.20 15:56:45 | 000,000,124 | ---- | C] () -- C:\Users\svenja\ZEN Media Explorer.lnk
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
--- --- --- |
