Trojaner-Board - Rogue.ControlCenter und ADWARE/Adware.Gen nach Installation von PDFCreator

Okay. Ich habe die Liste abgearbeitet. Hier sind die Ergebnisse.

MBAM:

Code:

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.04.26.04
 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Nele :: SCHACK_JR [Administrator]
 

26.04.2012 21:47:23

mbam-log-2012-04-26 (21-47-23).txt
 

Art des Suchlaufs: Vollständiger Suchlauf

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 381130

Laufzeit: 1 Stunde(n), 30 Minute(n), 14 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

OTL

Code:

OTL logfile created on: 26.04.2012 23:37:29 - Run 1

OTL by OldTimer - Version 3.2.42.1     Folder = C:\Users\Nele\Desktop\Anti

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 55,95% Memory free

5,73 Gb Paging File | 4,33 Gb Available in Paging File | 75,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 266,99 Gb Total Space | 23,17 Gb Free Space | 8,68% Space Free | Partition Type: NTFS

Drive D: | 30,00 Gb Total Space | 19,06 Gb Free Space | 63,53% Space Free | Partition Type: NTFS

 

Computer Name: SCHACK_JR | User Name: Nele | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Nele\Desktop\Anti\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Users\Nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)

PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)

PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:\Programme\Launch Manager\WButton.exe (Wistron Corp.)

PRC - C:\Programme\Launch Manager\HotkeyApp.exe (Wistron)

PRC - C:\Programme\Launch Manager\OSD.exe (Wistron Corp.)

PRC - C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

PRC - C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.)

PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)

PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()

MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()

MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()

MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (UNS) Intel(R) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) Intel(R) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

SRV - (WisLMSvc) -- C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)

SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)

SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)

DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (StkCMini) -- C:\Windows\System32\drivers\StkCMini.sys (Syntek)

DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )

DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)

DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)

DRV - (NxpCap) -- C:\Windows\System32\drivers\NxpCap.sys (NXP Semiconductors Germany GmbH)

DRV - (IntcDAud) Intel(R) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)

DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)

DRV - (mod7700) -- C:\Windows\System32\drivers\mod7700.sys (DiBcom SA)

DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)

DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)

DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)

DRV - (PIXMCV) -- C:\Windows\System32\drivers\pixmcvc.sys (Pixela)

DRV - (PIXMCVV) -- C:\Windows\System32\drivers\pixmcvv.sys (Pixela)

DRV - (PIXMCVA) -- C:\Windows\System32\drivers\pixmcva.sys (Pixela)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825

IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{AF56D317-6C7A-420E-8EE7-36E7B0760420}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = bibliothek.fh-fresenius.de:8080

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "CHIP Online Suche"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.3

FF - prefs.js..extensions.enabledItems: {8B72860F-C5F8-4286-865E-D2C2DB98A9E6}:1.0.0

FF - prefs.js..extensions.enabledItems: simpletimer@grbradt.org:1.10

FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:2.1.6

FF - prefs.js..extensions.enabledItems: zoteroWinWordIntegration@zotero.org:3.1

FF - prefs.js..extensions.enabledItems: zoteroscholarcitations@beloglazov.info:1.2

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0

FF - prefs.js..network.proxy.backup.ftp: "217.17.29.34"

FF - prefs.js..network.proxy.backup.ftp_port: 8080

FF - prefs.js..network.proxy.backup.gopher: "217.17.29.34"

FF - prefs.js..network.proxy.backup.gopher_port: 8080

FF - prefs.js..network.proxy.backup.socks: "217.17.29.34"

FF - prefs.js..network.proxy.backup.socks_port: 8080

FF - prefs.js..network.proxy.backup.ssl: "217.17.29.34"

FF - prefs.js..network.proxy.backup.ssl_port: 8080

FF - prefs.js..network.proxy.ftp: "217.17.29.34"

FF - prefs.js..network.proxy.ftp_port: 8080

FF - prefs.js..network.proxy.gopher: "217.17.29.34"

FF - prefs.js..network.proxy.gopher_port: 8080

FF - prefs.js..network.proxy.http: "217.17.29.34"

FF - prefs.js..network.proxy.http_port: 8080

FF - prefs.js..network.proxy.no_proxies_on: ", stealthy.co"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "217.17.29.34"

FF - prefs.js..network.proxy.socks_port: 8080

FF - prefs.js..network.proxy.ssl: "217.17.29.34"

FF - prefs.js..network.proxy.ssl_port: 8080

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nele\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.01.19 21:41:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.20 09:51:47 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.13 20:48:09 | 000,000,000 | ---D | M]

 

[2010.08.13 16:02:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nele\AppData\Roaming\mozilla\Extensions

[2010.08.13 16:02:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nele\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2012.04.26 23:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions

[2012.03.30 09:58:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011.04.18 19:07:45 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\2020Player@2020Technologies.com

[2011.09.17 10:34:42 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\2020Player_IKEA@2020Technologies.com

[2012.03.18 13:22:33 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\foxyproxy@eric.h.jung

[2012.02.17 19:55:12 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\zotero@chnm.gmu.edu

[2012.03.18 13:22:35 | 000,000,000 | ---D | M] (Zotero Word for Windows Integration) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\zoteroWinWordIntegration@zotero.org

[2011.11.02 23:10:10 | 000,002,122 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\chip-online-suche.xml

[2010.06.22 17:49:41 | 000,001,504 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\imdb.xml

[2010.09.06 16:39:25 | 000,002,661 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\opensubtitles.xml

[2010.06.25 21:26:17 | 000,000,961 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\shareminercom.xml

[2011.09.05 00:04:42 | 000,002,006 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\urban-dictionary.xml

[2010.07.26 00:08:39 | 000,001,330 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\wikipedia-en.xml

[2011.02.10 17:26:16 | 000,002,446 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\wiktionary-de.xml

[2010.06.22 17:49:20 | 000,004,140 | ---- | M] () -- C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\youtube.xml

[2011.10.16 11:50:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\SIMPLETIMER@GRBRADT.ORG.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\ZOTEROSCHOLARCITATIONS@BELOGLAZOV.INFO.XPI

[2012.03.20 09:51:47 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011.05.07 15:15:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.05.07 15:15:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011.05.07 15:15:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2011.05.07 15:15:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.05.07 15:15:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.05.07 15:15:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

 

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)

O4 - HKLM..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" File not found

O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)

O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)

O4 - Startup: C:\Users\Nele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: &Citavi Picker... - file://C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html File not found

O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45E7A42D-34F3-4E38-8108-0519D5D90937}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF1075E2-4B82-43A8-937F-DE7FCB359661}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{2455cedb-0601-11e0-8c5e-00262dbec614}\Shell - "" = AutoRun

O33 - MountPoints2\{2455cedb-0601-11e0-8c5e-00262dbec614}\Shell\AutoRun\command - "" = F:\RUNME.bat

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.04.25 09:21:41 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\Anti

[2012.04.23 21:28:10 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\Berichte

[2012.04.22 23:05:25 | 000,000,000 | ---D | C] -- C:\Users\Nele\AppData\Roaming\Malwarebytes

[2012.04.22 23:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.04.22 23:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.04.22 23:05:15 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2012.04.22 23:05:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012.04.22 21:43:24 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\2012-04-22 PDSS

[2012.04.22 21:43:24 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\2012-04-19 titel

[2012.04.11 12:16:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012.04.11 12:16:47 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012.04.11 12:16:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012.04.11 12:16:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012.04.11 12:16:45 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012.04.11 12:16:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012.04.11 12:11:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2012.04.11 12:11:24 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2012.03.31 15:08:28 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012.03.28 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\Nele\AppData\Roaming\ProtectDisc

[2012.03.28 20:28:31 | 000,000,000 | ---D | C] -- C:\Users\Nele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Patholinguistische Diagnostik

[2012.03.28 20:27:47 | 000,000,000 | ---D | C] -- C:\Users\Nele\AppData\Local\Apps

[2012.03.28 20:27:46 | 000,000,000 | ---D | C] -- C:\Users\Nele\AppData\Local\Deployment

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.04.26 23:34:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.04.26 23:34:03 | 2307,862,528 | -HS- | M] () -- C:\hiberfil.sys

[2012.04.26 23:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.04.26 21:50:26 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.04.26 21:50:26 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.04.26 21:46:33 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012.04.26 21:46:33 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.04.26 21:46:33 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012.04.26 21:46:33 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012.04.25 09:27:23 | 000,000,000 | ---- | M] () -- C:\Users\Nele\defogger_reenable

[2012.04.22 23:05:18 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.22 12:23:24 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00001D5A.LCS

[2012.04.15 17:17:47 | 000,360,835 | ---- | M] () -- C:\Users\Nele\Desktop\mottiertest.pdf

[2012.04.15 08:50:57 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012.04.15 08:50:57 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2012.03.29 07:59:57 | 000,421,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012.03.28 20:28:32 | 000,000,332 | ---- | M] () -- C:\Users\Nele\Desktop\Patholinguistische Diagnostik bei Sprachentwicklungsstörungen.appref-ms

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.04.25 09:27:23 | 000,000,000 | ---- | C] () -- C:\Users\Nele\defogger_reenable

[2012.04.22 23:05:18 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.15 17:17:47 | 000,360,835 | ---- | C] () -- C:\Users\Nele\Desktop\mottiertest.pdf

[2012.03.31 15:08:30 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.03.28 20:28:46 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\00001D5A.LCS

[2012.03.28 20:28:32 | 000,000,332 | ---- | C] () -- C:\Users\Nele\Desktop\Patholinguistische Diagnostik bei Sprachentwicklungsstörungen.appref-ms

[2011.10.23 12:06:02 | 000,197,648 | ---- | C] () -- C:\Windows\System32\drivers\StkCSF.sys

[2011.10.23 09:59:43 | 000,084,616 | ---- | C] () -- C:\Windows\StkUnist.exe

[2011.10.23 09:59:43 | 000,025,608 | ---- | C] () -- C:\Windows\System32\drivers\StkCSam.sys

[2010.08.25 20:30:02 | 000,127,868 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin

[2010.08.25 20:30:00 | 000,104,796 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin

[2010.08.25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

[2010.08.24 23:37:33 | 000,014,848 | ---- | C] () -- C:\Users\Nele\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.06.23 15:36:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.06.22 22:57:29 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010.06.22 22:02:12 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

[2010.06.22 18:00:25 | 000,000,000 | ---- | C] () -- C:\Users\Nele\AppData\Roaming\wklnhst.dat

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:548232DE
 

< End of report >

OTL-Extras

Code:

OTL Extras logfile created on: 26.04.2012 23:37:29 - Run 1

OTL by OldTimer - Version 3.2.42.1     Folder = C:\Users\Nele\Desktop\Anti

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 55,95% Memory free

5,73 Gb Paging File | 4,33 Gb Available in Paging File | 75,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 266,99 Gb Total Space | 23,17 Gb Free Space | 8,68% Space Free | Partition Type: NTFS

Drive D: | 30,00 Gb Total Space | 19,06 Gb Free Space | 63,53% Space Free | Partition Type: NTFS

 

Computer Name: SCHACK_JR | User Name: Nele | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{07A7BB90-94EB-42A0-BB3D-CC707FF873E4}" = lport=445 | protocol=6 | dir=in | app=system | 

"{0C9A92EF-9EDB-4675-A281-F3E915C360B3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{1AA29434-8FA7-4408-8672-1827EDC28E13}" = rport=445 | protocol=6 | dir=out | app=system | 

"{1CC6F20D-5377-4207-97F6-D63B35D06438}" = lport=139 | protocol=6 | dir=in | app=system | 

"{219FBBC2-33E2-4501-BAB3-87E8BAF35D45}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{2F1CF472-75D0-4210-B074-AE153D79715C}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{345DD22E-8646-4E2B-9FCE-427854C0D01A}" = lport=138 | protocol=17 | dir=in | app=system | 

"{34759FA1-AD15-4E1B-83F6-16EC415F224B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{431CF4BD-F4C3-40A1-94BF-78DA587081BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{5E0AF8C6-A76B-4297-B668-F384BA7207A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{739BAB64-811D-4F4D-9ED5-895BA6F27B1B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{7663145F-2C57-403B-99BE-DECB82362E67}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{879ED60B-3953-4309-A0D3-3D86196D6955}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{8A92827B-4B40-4DE1-A200-BECC3ADB6BD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{92922AD5-22C3-45FE-A8FA-040E1C48A942}" = rport=138 | protocol=17 | dir=out | app=system | 

"{970BE2D1-9EA6-434C-9224-09920AA85634}" = lport=137 | protocol=17 | dir=in | app=system | 

"{A725CCE6-46F4-41A3-9C69-FB42BEBE6918}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{A8FB3D88-7572-4F18-9549-7DDD2EC7F754}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{AF78D111-8032-4E0B-B56D-BB38943162EC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{C5266201-B30D-46F7-B96A-164C9DED1220}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{DD1F6E10-A3DF-4F05-B1C6-0EF69A873AD0}" = rport=139 | protocol=6 | dir=out | app=system | 

"{DD38B9BD-9242-488E-A75A-CBB888B96242}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{E0C04847-E84A-45E2-AD10-D93BB397D099}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{ED7B1FE2-E61E-485D-8DE1-609D7D34C62C}" = rport=137 | protocol=17 | dir=out | app=system | 

"{F7106C57-FDA8-4B42-AE1B-550FAFB9688E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0B2D6B4F-8F0E-4F50-8D9A-A7FD87A65C66}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{0C38E39E-ECA9-4F28-9AD1-97045861C70D}" = protocol=6 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

"{109B609F-9AE6-4399-8C97-630373DD4A24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{2729903B-259D-4346-B529-D50EA035BB55}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{37BD6AB5-379F-40E3-AC88-7370E963219E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{537720AB-4BCE-4D65-BE6B-325B1437FE53}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{59810A99-3D23-49F3-B195-FE296DA752B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{746E68DE-6CF9-40EE-AFC3-A4E45D186C95}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{82D0373E-C4B6-4FFB-A749-AD9F683E2908}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{8382F56D-7574-4DF6-A228-4E6C5044775E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{8434744C-7D9A-407C-8147-C51771463519}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{890744D9-1879-4741-A24B-F451B3071B3D}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 

"{8F4A467A-D5BE-49F8-A043-C23DB585B6C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{97E3249B-9623-43AA-9E56-C913513A2893}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{B44E7248-3EE4-43EC-AAC3-02D63E33130E}" = protocol=6 | dir=out | app=system | 

"{C508FB88-4D11-473B-AE6D-70C5C70AD6BD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{C8CD224F-2AC5-40EB-94D8-A22A13133E51}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{CA02B5E2-88BF-4B51-B3D3-F7C470CFEE6C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{DDD8E63F-BFE0-4C5D-A009-99200CE6C738}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{E195C058-8906-47F3-A7AA-6748599C6BEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{E5F8F8BC-C36F-4D7F-8072-350C05699281}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{E8A78A7B-F160-461D-BC88-75CB3236A1EB}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 

"{E929EB44-B9E6-416B-87D7-B7EDF10257C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E965A0BE-FD11-41EB-8DD9-EB0A94A55E41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{EE70A816-A8F5-4544-AFB1-F060E5942E17}" = protocol=17 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

"{F50687E8-33E2-46EB-9885-01261215ED86}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"TCP Query User{1938DDC7-D450-4625-811D-CC1A030BDEF9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"TCP Query User{343166C6-C58A-4A66-884A-32D1B0B2467F}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{DD79E304-AE76-4C92-B5B3-CD539265FEC1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"UDP Query User{F3F79924-1899-4531-975B-371D25910E44}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4

"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{0280F0D8-1542-4DAA-913C-8529E2A3835D}" = The Longest Journey

"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CA6F2DA-0DCB-4627-8A0C-858E3833769F}_is1" = And Yet It Moves 1.2.0

"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1CCF060E-91A1-4E3C-B376-DACA2D1A358A}" = PDSS.FontInstaller

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN

"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C873221-12B9-475D-8DCB-62D0B2179AF9}" = USB2.0 ATV

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{45518B6D-9DDF-4144-83E4-A56762524F35}" = USB2.0 Grabber

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL

"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{68260A58-E952-4182-A26C-A4144B230174}" = Wetter Gadget

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{86501894-E722-4385-A792-B7C2F28FAE7B}" = NetSpeedMonitor 2.5.4.0 x86

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7BDCFCC-E17A-41A4-B5CA-3CBBA241E5B0}_is1" = FluencyCoach 1.0.2.1

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw

"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR

"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]

"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension

"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.5.0.8

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DC6B4110-394D-45B9-A677-BA495D84CA63}" = Shutdown Timer

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"7-Zip" = 7-Zip 4.65

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"ALDI Foto Service D" = ALDI Foto Service

"ALDI Nord Foto Manager Free D" = ALDI Nord Foto Manager Free

"Aldi Nord Fotoservice_is1" = Aldi Nord Fotoservice

"ALDI Nord Online Druck Service D" = ALDI Nord Online Druck Service

"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio

"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander

"Ashampoo Snap_is1" = Ashampoo Snap

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)

"Avira AntiVir Desktop" = Avira Free Antivirus

"AVS Audio Editor_is1" = AVS Audio Editor 7.1

"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1

"AVS Update Manager_is1" = AVS Update Manager 1.0

"AVS Video Editor_is1" = AVS Video Editor 6

"AVS Video Recorder_is1" = AVS Video Recorder 2.4

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4

"Broken Sword - Director's Cut_is1" = Broken Sword - Director's Cut

"Broken Sword - The Sleeping Dragon" = Broken Sword - The Sleeping Dragon

"Broken Sword - The Sleeping Dragon_is1" = Broken Sword - The Sleeping Dragon

"Broken Sword II - The Smoking Mirror Director's Cut_is1" = Broken Sword II - The Smoking Mirror Director's Cut

"Cogs" = Cogs

"Gobliiins Pack_is1" = Gobliiins Pack

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy

"JDownloader" = JDownloader

"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Standard)

"Machinarium" = Machinarium

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400

"Matrox VFW Software Codecs" = Matrox VFW Software Codecs, build 28 

"MEDION Fotos auf CD & DVD SE Nord D" = MEDION Fotos auf CD & DVD SE Nord

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)

"Office14.SingleImage" = Microsoft Office Home and Student 2010

"OpenAL" = OpenAL

"quicktime_lite_is1" = QT Lite 4.1.0

"ScummVM_is1" = ScummVM 1.4.0

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"The Feeble Files_is1" = The Feeble Files

"VirtualCloneDrive" = VirtualCloneDrive

"VLMC" = VideoLAN Movie Creator

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

"X10Hardware" = X10 Hardware(TM)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"8e2028b333c57027" = Patholinguistische Diagnostik bei Sprachentwicklungsstörungen

"Dropbox" = Dropbox

"Tangram" = Tangram

"TimeAdjuster" = Time Adjuster STANDARD 3.1

"UnityWebPlayer" = Unity Web Player

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 18.02.2012 09:08:33 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Name des fehlerhaften Moduls: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Ausnahmecode: 0x40000015  Fehleroffset: 0x0003c311  ID des fehlerhaften Prozesses:

 0xa70  Startzeit der fehlerhaften Anwendung: 0x01ccee3e5bd7edb7  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Launch Manager\WButton.exe  Pfad des fehlerhaften Moduls:

 C:\Program Files\Launch Manager\WButton.exe  Berichtskennung: a8a2ee36-5a31-11e1-b921-00262dbec614

 

Error - 25.02.2012 11:51:04 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514,

 Zeitstempel: 0x4ce7a4a7  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,

 Zeitstempel: 0x4ec49b60  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00052d24  ID des fehlerhaften

 Prozesses: 0x6e4  Startzeit der fehlerhaften Anwendung: 0x01ccf3d5450627f1  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe  Pfad 

des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 85923c06-5fc8-11e1-955e-00262dbec614

 

Error - 28.02.2012 12:25:56 | Computer Name = Schack_Jr | Source = Application Hang | ID = 1002

Description = Programm firefox.exe, Version 10.0.2.4428 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 17c4    Startzeit:

 01ccf5fced6b24ac    Endzeit: 68    Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
 

Berichts-ID:

 e0878150-6228-11e1-a939-00262dbec614  

 

Error - 22.03.2012 03:11:25 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Name des fehlerhaften Moduls: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Ausnahmecode: 0x40000015  Fehleroffset: 0x0003c311  ID des fehlerhaften Prozesses:

 0xa34  Startzeit der fehlerhaften Anwendung: 0x01cd07faf251cf16  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Launch Manager\WButton.exe  Pfad des fehlerhaften Moduls:

 C:\Program Files\Launch Manager\WButton.exe  Berichtskennung: 3c05d309-73ee-11e1-baa0-00262dbec614

 

Error - 26.03.2012 01:59:49 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Name des fehlerhaften Moduls: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Ausnahmecode: 0x40000015  Fehleroffset: 0x0003c311  ID des fehlerhaften Prozesses:

 0xaa4  Startzeit der fehlerhaften Anwendung: 0x01cd0b1552848080  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Launch Manager\WButton.exe  Pfad des fehlerhaften Moduls:

 C:\Program Files\Launch Manager\WButton.exe  Berichtskennung: e5210253-7708-11e1-b5da-00262dbec614

 

Error - 15.04.2012 04:01:42 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.6024.1000,

 Zeitstempel: 0x4d83e310  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,

 Zeitstempel: 0x4dace5b9  Ausnahmecode: 0xc0000417  Fehleroffset: 0x000320f0  ID des fehlerhaften

 Prozesses: 0x1394  Startzeit der fehlerhaften Anwendung: 0x01cd1ad785647a9d  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE  Pfad

 des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll

Berichtskennung:

 3c3aca1f-86d1-11e1-95a5-00262dbec614

 

Error - 24.04.2012 11:26:34 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2004

Description = 

 

Error - 24.04.2012 11:26:34 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2002

Description = 

 

Error - 25.04.2012 04:05:59 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2004

Description = 

 

Error - 25.04.2012 04:05:59 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2002

Description = 

 

[ Media Center Events ]

Error - 28.06.2011 09:12:52 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 15:12:42 - EpgListings konnte nicht abgerufen werden (Fehler: Die 

zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)
 

 

Error - 11.09.2011 03:29:06 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:29:05 - Fehler beim Herstellen der Internetverbindung.  09:29:06 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.09.2011 03:29:25 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:29:11 - Fehler beim Herstellen der Internetverbindung.  09:29:11 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 27.09.2011 03:12:52 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:12:52 - Fehler beim Herstellen der Internetverbindung.  09:12:52 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 27.09.2011 03:13:07 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:12:57 - Fehler beim Herstellen der Internetverbindung.  09:12:57 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 13.12.2011 04:33:38 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:33:12 - EpgListings konnte nicht abgerufen werden (Fehler: Die 

Verbindung mit dem Remoteserver kann nicht hergestellt werden.)  

 

Error - 13.01.2012 02:59:42 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 07:59:42 - Fehler beim Herstellen der Internetverbindung.  07:59:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 13.01.2012 03:00:02 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 07:59:47 - Fehler beim Herstellen der Internetverbindung.  07:59:47 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 26.02.2012 04:52:00 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:52:00 - Fehler beim Herstellen der Internetverbindung.  09:52:00 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 26.02.2012 04:52:16 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:52:05 - Fehler beim Herstellen der Internetverbindung.  09:52:05 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:23:11 | Computer Name = Schack_Jr | Source = DCOM | ID = 10005

Description = 

 

Error - 25.04.2012 07:23:11 | Computer Name = Schack_Jr | Source = DCOM | ID = 10005

Description = 

 

Error - 25.04.2012 07:23:11 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 26.04.2012 15:42:59 | Computer Name = Schack_Jr | Source = WMPNetworkSvc | ID = 866300

Description = 

 

Error - 26.04.2012 15:46:29 | Computer Name = Schack_Jr | Source = BROWSER | ID = 8032

Description = 

 

 

< End of report >

CCleaner-Installierte Programme

Code:

7-Zip 4.65                23.06.2010                

Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        21.06.2010                10.0.45.2

Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        14.04.2012        6,00MB        11.2.202.233

Adobe Reader X (10.1.3) - Deutsch        Adobe Systems Incorporated        12.04.2012        194,3MB        10.1.3

ALDI Foto Service        MAGIX AG        22.04.2010                4.5.9.141

ALDI Nord Foto Manager Free        MAGIX AG        22.04.2010                6.0.1.491

Aldi Nord Fotoservice                22.04.2010                

ALDI Nord Online Druck Service        MAGIX AG        22.04.2010                4.5.1.0

And Yet It Moves 1.2.0        Broken Rules        06.08.2011        68,1MB        

Apple Application Support        Apple Inc.        08.03.2011        52,8MB        1.4.1

Apple Software Update        Apple Inc.        08.03.2011        2,16MB        2.1.1.116

Ashampoo Burning Studio        ashampoo GmbH & Co. KG        21.04.2010        129,0MB        9.23.0

Ashampoo Photo Commander        ashampoo GmbH & Co. KG        21.04.2010        114,0MB        8.1.0

Ashampoo Snap        ashampoo GmbH & Co. KG        21.04.2010        27,4MB        3.4.0

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver        Atheros Communications Inc.        21.04.2010                1.0.0.27

Audacity 1.3.12 (Unicode)        Audacity Team        27.11.2010        32,6MB        

Avira Free Antivirus        Avira        15.02.2012        104,4MB        12.0.0.898

AVS Audio Editor 7.1        Online Media Technologies Ltd.        08.11.2011                

AVS Screen Capture version 2.0.1        Online Media Technologies Ltd.        15.10.2011                

AVS Update Manager 1.0        Online Media Technologies Ltd.        08.11.2011                

AVS Video Editor 6        Online Media Technologies Ltd.        15.10.2011                

AVS Video Recorder 2.4        Online Media Technologies Ltd.        15.10.2011                

AVS4YOU Software Navigator 1.4        Online Media Technologies Ltd.        08.11.2011                

Broken Sword - Director's Cut        GOG.com        07.08.2011                

Broken Sword - The Sleeping Dragon                17.08.2011                

Broken Sword - The Sleeping Dragon        GOG.com        18.08.2011                

Broken Sword II - The Smoking Mirror Director's Cut        GOG.com        12.08.2011                

CCleaner        Piriform        26.04.2012                3.18

Cisco EAP-FAST Module        Cisco Systems, Inc.        21.04.2010        1,15MB        2.2.14

Cisco LEAP Module        Cisco Systems, Inc.        21.04.2010        0,48MB        1.0.19

Cisco PEAP Module        Cisco Systems, Inc.        21.04.2010        0,90MB        1.1.6

Cogs                07.08.2011                

CorelDRAW Essentials 4        Corel Corporation        21.04.2010                

CorelDRAW Essentials 4 - Windows Shell Extension        Corel Corporation        21.04.2010        2,93MB        

CyberLink LabelPrint        CyberLink Corp.        21.04.2010        143,4MB        2.5.2602

CyberLink Power2Go        CyberLink Corp.        21.04.2010        104,8MB        6.1.3602c

CyberLink PowerDVD Copy        CyberLink Corp.        21.04.2010        30,8MB        1.5.1306

CyberLink YouCam        CyberLink Corp.        21.04.2010        132,1MB        3.0.2626

Dropbox        Dropbox, Inc.        24.02.2012                1.2.52

Firebird SQL Server - MAGIX Edition        MAGIX AG        22.04.2010        10,1MB        2.1.23.0

FluencyCoach 1.0.2.1        Janus Development Group        22.01.2012                

Gobliiins Pack        GOG.com        12.08.2011                

Intel(R) Graphics Media Accelerator Driver        Intel Corporation        22.04.2010                8.15.10.2086

Intel(R) Management Engine Components        Intel Corporation        22.04.2010                6.0.0.1179

Intel(R) Rapid Storage Technology        Intel Corporation        22.04.2010                9.6.0.1014

Java(TM) 6 Update 20        Sun Microsystems, Inc.        21.04.2010        97,2MB        6.0.200

JDownloader        AppWork UG (haftungsbeschränkt)        21.06.2010                0.89

K-Lite Codec Pack 6.0.4 (Standard)                21.06.2010        39,0MB        6.0.4

Launch Manager V1.5.0.8        Wistron Corp.        21.04.2010                1.5.0.8

Machinarium        Amanita Design, s.r.o.        06.08.2011                23.10.09

Malwarebytes Anti-Malware Version 1.61.0.1400        Malwarebytes Corporation        21.04.2012        18,0MB        1.61.0.1400

Matrox VFW Software Codecs, build 28                15.10.2011                

MEDION Fotos auf CD & DVD SE Nord        MAGIX AG        22.04.2010                8.0.3.4

Medion Home Cinema        CyberLink Corp.        21.04.2010        36,5MB        8.0.1505

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        24.06.2010        38,8MB        4.0.30319

Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        24.06.2010        2,94MB        4.0.30319

Microsoft Office Home and Student 2010        Microsoft Corporation        24.10.2011                14.0.6029.1000

Microsoft Silverlight        Microsoft Corporation        13.02.2012        199,8MB        4.1.10111.0

Microsoft SQL Server 2005 Compact Edition [DEU]        Microsoft Corporation        22.04.2010        0,33MB        3.1.0000

Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        22.04.2010        1,72MB        3.1.0000

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        21.04.2010        0,25MB        8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        15.06.2011        0,29MB        8.0.59193

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        06.05.2011        0,58MB        9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        22.04.2010        0,58MB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        21.06.2010        0,58MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        15.06.2011        0,59MB        9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        16.10.2011        12,3MB        10.0.40219

Microsoft Works        Microsoft Corporation        10.04.2012        1.045MB        9.7.0621

Mozilla Firefox 11.0 (x86 de)        Mozilla        19.03.2012        37,0MB        11.0

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        21.04.2010        1,35MB        4.20.9876.0

MSXML 4.0 SP3 Parser        Microsoft Corporation        22.01.2012        1,48MB        4.30.2100.0

MSXML 4.0 SP3 Parser (KB973685)        Microsoft Corporation        23.01.2012        1,53MB        4.30.2107.0

NetSpeedMonitor 2.5.4.0 x86        Florian Gilles        05.08.2011        1,04MB        2.5.4.0

OpenAL                07.08.2011                

Patholinguistische Diagnostik bei Sprachentwicklungsstörungen        Patholinguistische Diagnostik        27.03.2012                1.3.0.3

PDSS.FontInstaller        Copyright © Elsevier GmbH 2011        27.03.2012        49,00KB        2.3.0

PlayReady PC Runtime x86        Microsoft Corporation        21.06.2010        1,65MB        1.3.0

QT Lite 4.1.0                14.10.2011        37,5MB        4.1.0

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        21.04.2010                6.0.1.6083

Realtek USB 2.0 Card Reader        Realtek Semiconductor Corp.        21.04.2010                6.1.7600.30117

REALTEK Wireless LAN Driver        REALTEK Semiconductor Corp.        21.04.2010                1.00.0145

ScummVM 1.4.0        The ScummVM Team        30.11.2011        23,2MB        

Shutdown Timer        Sinvise Systems        22.10.2011        7,38MB        3.1

Skype™ 5.5        Skype Technologies S.A.        06.11.2011        17,0MB        5.5.124

Synaptics Pointing Device Driver        Synaptics Incorporated        21.04.2010                14.0.19.0

Tangram        Four2B GmbH        20.10.2010                

The Feeble Files        GOG.com        07.08.2011                

The Longest Journey                12.08.2011                

Time Adjuster STANDARD 3.1        IrekSoftware.com        08.01.2011                

Unity Web Player        Unity Technologies ApS        13.11.2010        12,0MB        2.6.1f3_31223

USB2.0 ATV        Regulus        22.10.2011                6.10.000.001

USB2.0 Grabber        Youyan        22.10.2011                7.12.000.002

VideoLAN Movie Creator                22.10.2011                

VirtualCloneDrive        Elaborate Bytes        11.12.2010                

Wetter Gadget        wetter.de        04.10.2011        1,54MB        1.0.15

Windows Live Essentials        Microsoft Corporation        14.10.2011                15.4.3538.0513

Windows Live Sync        Microsoft Corporation        04.02.2011        2,79MB        14.0.8117.416

Windows Media Encoder 9 Series                21.04.2010                

X10 Hardware(TM)                21.06.2010

Viele Grüße und danke für die Hilfe
ChronoJon

Zu 1)
Der Fresenius-Proxy wurde manuell eingerichtet und hat mit dem Uni-Netz meiner Freundin zu tun. Die Firefox-Proxy-Einstellungen sind wahrscheinlich von Stealthy, einem Firefox-Addon zum Umgehen von Ländersperren bei YouTube o.ä.. Für den Uni-Proxy nutzt sie im Firefox FoxyProxy.

Zu 2)
OTL:

Code:

All processes killed

========== OTL ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AF56D317-6C7A-420E-8EE7-36E7B0760420}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF56D317-6C7A-420E-8EE7-36E7B0760420}\ not found.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

Prefs.js: "CHIP Online Suche" removed from browser.search.selectedEngine

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\chip-online-suche.xml moved successfully.

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\imdb.xml moved successfully.

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\opensubtitles.xml moved successfully.

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\shareminercom.xml moved successfully.

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\urban-dictionary.xml moved successfully.

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\wikipedia-en.xml moved successfully.

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\wiktionary-de.xml moved successfully.

C:\Users\Nele\AppData\Roaming\Mozilla\Firefox\Profiles\h7wflwku.default\searchplugins\youtube.xml moved successfully.

C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml moved successfully.

C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.

C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml moved successfully.

C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml moved successfully.

C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{40C3CC16-7269-4B32-9531-17F2950FB06F} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40C3CC16-7269-4B32-9531-17F2950FB06F}\ not found.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2455cedb-0601-11e0-8c5e-00262dbec614}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2455cedb-0601-11e0-8c5e-00262dbec614}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2455cedb-0601-11e0-8c5e-00262dbec614}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2455cedb-0601-11e0-8c5e-00262dbec614}\ not found.

File F:\RUNME.bat not found.

ADS C:\ProgramData\Temp:548232DE deleted successfully.

========== FILES ==========
 < ipconfig /flushdns /c >

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

C:\Users\Nele\Desktop\Anti\cmd.bat deleted successfully.

C:\Users\Nele\Desktop\Anti\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Nele

->Temp folder emptied: 1236099543 bytes

->Temporary Internet Files folder emptied: 260611644 bytes

->Java cache emptied: 3087159 bytes

->FireFox cache emptied: 784635676 bytes

->Flash cache emptied: 298367 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 114782892 bytes

RecycleBin emptied: 59132070 bytes

 

Total Files Cleaned = 2.345,00 mb

 

 

OTL by OldTimer - Version 3.2.42.1 log created on 04292012_131615
 

Files\Folders moved on Reboot...
 

Registry entries deleted on Reboot...

Zu 3)
Java ist jetzt aktuallisiert. Aber eigentlich läuft immer Auto-Update und ich habe meiner Freundin gesagt, dass sie das immer bestätigen soll.

Zu 5)
Ich habe mit CCleaner alles bereinigt.

Zu 6)
SuperAntiSpyware

Code:

SUPERAntiSpyware Scann-Protokoll

hxxp://www.superantispyware.com
 

Generiert 04/29/2012 bei 04:58 PM
 

Version der Applikation : 5.0.1148
 

Version der Kern-Datenbank : 8528

Version der Spur-Datenbank : 6340
 

Scan Art       : kompletter Scann

Totale Scann-Zeit : 00:49:34
 

Operating System Information

Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)

UAC On - Limited User
 

Gescannte Speicherelemente  : 686

Erfasste Speicher-Bedrohungen  : 0

Gescannte Register-Elemente  : 35850

Erfasste Register-Bedrohungen  : 0

Gescannte Datei-Elemente     : 47036

Erfasste Datei-Elemente   : 0

Zu 8)
ESET:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=836d93b022b08140a61afe2b31719338

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-04-29 05:37:39

# local_time=2012-04-29 07:37:39 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=1792 16777215 100 0 16961542 16961542 0 0

# compatibility_mode=5893 16776573 100 94 15657 87344517 0 0

# compatibility_mode=8192 67108863 100 0 766 766 0 0

# scanned=188925

# found=0

# cleaned=0

# scan_time=7733

Zu 9)
OTL

Code:

OTL logfile created on: 29.04.2012 20:17:47 - Run 2

OTL by OldTimer - Version 3.2.42.1     Folder = C:\Users\Nele\Desktop\Anti

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 53,67% Memory free

5,73 Gb Paging File | 4,33 Gb Available in Paging File | 75,63% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 266,99 Gb Total Space | 24,17 Gb Free Space | 9,05% Space Free | Partition Type: NTFS

Drive D: | 30,00 Gb Total Space | 19,06 Gb Free Space | 63,53% Space Free | Partition Type: NTFS

 

Computer Name: SCHACK_JR | User Name: Nele | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.04.26 23:32:54 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Nele\Desktop\Anti\OTL.exe

PRC - [2012.03.20 09:51:47 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe

PRC - [2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Nele\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011.10.11 15:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe

PRC - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe

PRC - [2011.10.11 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe

PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe

PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe

PRC - [2010.04.06 17:58:46 | 000,694,816 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe

PRC - [2010.03.03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010.01.13 10:18:30 | 000,413,696 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WButton.exe

PRC - [2009.12.14 11:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\HotkeyApp.exe

PRC - [2009.12.11 15:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\OSD.exe

PRC - [2009.12.10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2009.12.10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2009.11.07 03:46:52 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe

PRC - [2009.11.02 14:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009.10.22 17:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WisLMSvc.exe

PRC - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe

PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.03.20 09:51:47 | 001,969,080 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll

MOD - [2009.11.02 14:23:36 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - [2009.11.02 14:20:10 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - [2012.04.15 08:50:57 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.03.09 11:11:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)

SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)

SRV - [2010.03.03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)

SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)

SRV - [2009.12.10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2009.12.10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2009.11.07 03:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)

SRV - [2009.10.22 17:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Programme\Launch Manager\WisLMSvc.exe -- (WisLMSvc)

SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2012.02.16 00:46:10 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011.10.11 15:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)

DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010.04.16 13:59:44 | 001,521,544 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini)

DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)

DRV - [2010.03.24 17:57:16 | 000,191,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2010.03.04 17:53:08 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)

DRV - [2010.02.10 15:01:10 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)

DRV - [2010.02.04 13:54:32 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)

DRV - [2010.02.03 05:36:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV - [2009.09.18 04:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)

DRV - [2009.08.13 17:39:40 | 000,786,400 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mod7700.sys -- (mod7700)

DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

DRV - [2009.05.13 12:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)

DRV - [2009.05.13 12:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)

DRV - [2004.06.03 21:10:36 | 000,033,792 | ---- | M] (Pixela) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pixmcvc.sys -- (PIXMCV)

DRV - [2004.03.27 01:56:10 | 000,032,768 | ---- | M] (Pixela) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pixmcvv.sys -- (PIXMCVV)

DRV - [2004.03.20 05:27:26 | 000,038,144 | ---- | M] (Pixela) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pixmcva.sys -- (PIXMCVA)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

IE - HKCU\..\SearchScopes,DefaultScope = 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = bibliothek.fh-fresenius.de:8080

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.3

FF - prefs.js..extensions.enabledItems: {8B72860F-C5F8-4286-865E-D2C2DB98A9E6}:1.0.0

FF - prefs.js..extensions.enabledItems: simpletimer@grbradt.org:1.10

FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:2.1.6

FF - prefs.js..extensions.enabledItems: zoteroWinWordIntegration@zotero.org:3.1

FF - prefs.js..extensions.enabledItems: zoteroscholarcitations@beloglazov.info:1.2

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0

FF - prefs.js..network.proxy.backup.ftp: "217.17.29.34"

FF - prefs.js..network.proxy.backup.ftp_port: 8080

FF - prefs.js..network.proxy.backup.gopher: "217.17.29.34"

FF - prefs.js..network.proxy.backup.gopher_port: 8080

FF - prefs.js..network.proxy.backup.socks: "217.17.29.34"

FF - prefs.js..network.proxy.backup.socks_port: 8080

FF - prefs.js..network.proxy.backup.ssl: "217.17.29.34"

FF - prefs.js..network.proxy.backup.ssl_port: 8080

FF - prefs.js..network.proxy.ftp: "217.17.29.34"

FF - prefs.js..network.proxy.ftp_port: 8080

FF - prefs.js..network.proxy.gopher: "217.17.29.34"

FF - prefs.js..network.proxy.gopher_port: 8080

FF - prefs.js..network.proxy.http: "217.17.29.34"

FF - prefs.js..network.proxy.http_port: 8080

FF - prefs.js..network.proxy.no_proxies_on: ", stealthy.co"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "217.17.29.34"

FF - prefs.js..network.proxy.socks_port: 8080

FF - prefs.js..network.proxy.ssl: "217.17.29.34"

FF - prefs.js..network.proxy.ssl_port: 8080

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nele\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.01.19 21:41:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.20 09:51:47 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.29 13:27:34 | 000,000,000 | ---D | M]

 

[2010.08.13 16:02:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nele\AppData\Roaming\mozilla\Extensions

[2010.08.13 16:02:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nele\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2012.04.26 23:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions

[2012.03.30 09:58:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011.04.18 19:07:45 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\2020Player@2020Technologies.com

[2011.09.17 10:34:42 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\2020Player_IKEA@2020Technologies.com

[2012.03.18 13:22:33 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\foxyproxy@eric.h.jung

[2012.02.17 19:55:12 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\zotero@chnm.gmu.edu

[2012.03.18 13:22:35 | 000,000,000 | ---D | M] (Zotero Word for Windows Integration) -- C:\Users\Nele\AppData\Roaming\mozilla\Firefox\Profiles\h7wflwku.default\extensions\zoteroWinWordIntegration@zotero.org

[2012.04.29 13:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.04.29 13:41:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

[2012.04.29 13:41:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\SIMPLETIMER@GRBRADT.ORG.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI

() (No name found) -- C:\USERS\NELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H7WFLWKU.DEFAULT\EXTENSIONS\ZOTEROSCHOLARCITATIONS@BELOGLAZOV.INFO.XPI

[2012.03.20 09:51:47 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012.04.29 13:41:31 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011.05.07 15:15:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

 
 ========== Chrome  ==========

 

 

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)

O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)

O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)

O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - Startup: C:\Users\Nele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: &Citavi Picker... - file://C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html File not found

O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45E7A42D-34F3-4E38-8108-0519D5D90937}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF1075E2-4B82-43A8-937F-DE7FCB359661}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.04.29 17:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2012.04.29 14:52:58 | 000,000,000 | ---D | C] -- C:\Users\Nele\AppData\Roaming\SUPERAntiSpyware.com

[2012.04.29 14:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2012.04.29 14:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2012.04.29 14:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2012.04.29 13:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012.04.29 13:41:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2012.04.29 13:41:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2012.04.29 13:41:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2012.04.29 13:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2012.04.29 13:16:15 | 000,000,000 | ---D | C] -- C:\_OTL

[2012.04.27 00:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2012.04.27 00:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012.04.25 09:21:41 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\Anti

[2012.04.23 21:28:10 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\Berichte

[2012.04.22 23:05:25 | 000,000,000 | ---D | C] -- C:\Users\Nele\AppData\Roaming\Malwarebytes

[2012.04.22 23:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.04.22 23:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.04.22 23:05:15 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2012.04.22 23:05:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012.04.22 21:43:24 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\2012-04-22 PDSS

[2012.04.22 21:43:24 | 000,000,000 | ---D | C] -- C:\Users\Nele\Desktop\2012-04-19 titel

[2012.04.11 12:16:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012.04.11 12:16:47 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012.04.11 12:16:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012.04.11 12:16:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012.04.11 12:16:45 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012.04.11 12:16:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012.04.11 12:11:24 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2012.04.11 12:11:24 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2012.03.31 15:08:28 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.04.29 19:28:09 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.04.29 17:13:22 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.04.29 17:13:22 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.04.29 17:11:58 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012.04.29 17:11:58 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.04.29 17:11:58 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012.04.29 17:11:58 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012.04.29 17:06:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.04.29 17:05:55 | 2307,862,528 | -HS- | M] () -- C:\hiberfil.sys

[2012.04.29 14:46:56 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2012.04.29 14:20:13 | 000,172,092 | ---- | M] () -- C:\Users\Nele\Documents\cc_20120429_141959.reg

[2012.04.29 13:41:31 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2012.04.29 13:41:31 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2012.04.29 13:41:31 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2012.04.29 13:41:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2012.04.27 00:02:52 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012.04.25 09:27:23 | 000,000,000 | ---- | M] () -- C:\Users\Nele\defogger_reenable

[2012.04.22 23:05:18 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.22 12:23:24 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00001D5A.LCS

[2012.04.15 17:17:47 | 000,360,835 | ---- | M] () -- C:\Users\Nele\Desktop\mottiertest.pdf

[2012.04.15 08:50:57 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012.04.15 08:50:57 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

 
 ========== Files Created - No Company Name ==========

 

[2012.04.29 14:46:56 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2012.04.29 14:20:05 | 000,172,092 | ---- | C] () -- C:\Users\Nele\Documents\cc_20120429_141959.reg

[2012.04.27 00:02:52 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012.04.25 09:27:23 | 000,000,000 | ---- | C] () -- C:\Users\Nele\defogger_reenable

[2012.04.22 23:05:18 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.15 17:17:47 | 000,360,835 | ---- | C] () -- C:\Users\Nele\Desktop\mottiertest.pdf

[2012.03.31 15:08:30 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2011.10.23 12:06:02 | 000,197,648 | ---- | C] () -- C:\Windows\System32\drivers\StkCSF.sys

[2011.10.23 09:59:43 | 000,084,616 | ---- | C] () -- C:\Windows\StkUnist.exe

[2011.10.23 09:59:43 | 000,025,608 | ---- | C] () -- C:\Windows\System32\drivers\StkCSam.sys

[2010.08.25 20:30:02 | 000,127,868 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin

[2010.08.25 20:30:00 | 000,104,796 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin

[2010.08.25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

[2010.08.24 23:37:33 | 000,014,848 | ---- | C] () -- C:\Users\Nele\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.06.23 15:36:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.06.22 22:57:29 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010.06.22 22:02:12 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

[2010.06.22 18:00:25 | 000,000,000 | ---- | C] () -- C:\Users\Nele\AppData\Roaming\wklnhst.dat

 
 ========== LOP Check ==========

 

[2010.10.07 18:20:10 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Ashampoo

[2011.11.09 19:23:43 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Audacity

[2011.08.07 10:26:04 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Broken Rules

[2012.04.29 17:09:57 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Dropbox

[2011.08.08 07:34:32 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Lazy 8 Studios

[2010.06.22 20:08:50 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\MAGIX

[2012.04.29 20:20:09 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\NetSpeedMonitor

[2012.04.22 12:23:22 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\ProtectDisc

[2011.12.01 10:21:19 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\ScummVM

[2011.10.23 03:22:59 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Sinvise Systems

[2011.01.02 21:59:11 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Swiss Academic Software

[2010.06.22 18:01:10 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Template

[2011.01.22 22:20:22 | 000,000,000 | ---D | M] -- C:\Users\Nele\AppData\Roaming\Thunderbird

[2012.04.16 07:16:09 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 
 

< End of report >

Extras:

Code:

OTL Extras logfile created on: 29.04.2012 20:17:47 - Run 2

OTL by OldTimer - Version 3.2.42.1     Folder = C:\Users\Nele\Desktop\Anti

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 53,67% Memory free

5,73 Gb Paging File | 4,33 Gb Available in Paging File | 75,63% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 266,99 Gb Total Space | 24,17 Gb Free Space | 9,05% Space Free | Partition Type: NTFS

Drive D: | 30,00 Gb Total Space | 19,06 Gb Free Space | 63,53% Space Free | Partition Type: NTFS

 

Computer Name: SCHACK_JR | User Name: Nele | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{07A7BB90-94EB-42A0-BB3D-CC707FF873E4}" = lport=445 | protocol=6 | dir=in | app=system | 

"{0C9A92EF-9EDB-4675-A281-F3E915C360B3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{1AA29434-8FA7-4408-8672-1827EDC28E13}" = rport=445 | protocol=6 | dir=out | app=system | 

"{1CC6F20D-5377-4207-97F6-D63B35D06438}" = lport=139 | protocol=6 | dir=in | app=system | 

"{219FBBC2-33E2-4501-BAB3-87E8BAF35D45}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{2F1CF472-75D0-4210-B074-AE153D79715C}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{345DD22E-8646-4E2B-9FCE-427854C0D01A}" = lport=138 | protocol=17 | dir=in | app=system | 

"{34759FA1-AD15-4E1B-83F6-16EC415F224B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{431CF4BD-F4C3-40A1-94BF-78DA587081BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{5E0AF8C6-A76B-4297-B668-F384BA7207A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{739BAB64-811D-4F4D-9ED5-895BA6F27B1B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{7663145F-2C57-403B-99BE-DECB82362E67}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{879ED60B-3953-4309-A0D3-3D86196D6955}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{8A92827B-4B40-4DE1-A200-BECC3ADB6BD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{92922AD5-22C3-45FE-A8FA-040E1C48A942}" = rport=138 | protocol=17 | dir=out | app=system | 

"{970BE2D1-9EA6-434C-9224-09920AA85634}" = lport=137 | protocol=17 | dir=in | app=system | 

"{A725CCE6-46F4-41A3-9C69-FB42BEBE6918}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{A8FB3D88-7572-4F18-9549-7DDD2EC7F754}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{AF78D111-8032-4E0B-B56D-BB38943162EC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{C5266201-B30D-46F7-B96A-164C9DED1220}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{DD1F6E10-A3DF-4F05-B1C6-0EF69A873AD0}" = rport=139 | protocol=6 | dir=out | app=system | 

"{DD38B9BD-9242-488E-A75A-CBB888B96242}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{E0C04847-E84A-45E2-AD10-D93BB397D099}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{ED7B1FE2-E61E-485D-8DE1-609D7D34C62C}" = rport=137 | protocol=17 | dir=out | app=system | 

"{F7106C57-FDA8-4B42-AE1B-550FAFB9688E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0B2D6B4F-8F0E-4F50-8D9A-A7FD87A65C66}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{0C38E39E-ECA9-4F28-9AD1-97045861C70D}" = protocol=6 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

"{109B609F-9AE6-4399-8C97-630373DD4A24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{2729903B-259D-4346-B529-D50EA035BB55}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{37BD6AB5-379F-40E3-AC88-7370E963219E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{59810A99-3D23-49F3-B195-FE296DA752B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{746E68DE-6CF9-40EE-AFC3-A4E45D186C95}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{82D0373E-C4B6-4FFB-A749-AD9F683E2908}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{8434744C-7D9A-407C-8147-C51771463519}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{890744D9-1879-4741-A24B-F451B3071B3D}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 

"{8F4A467A-D5BE-49F8-A043-C23DB585B6C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{97E3249B-9623-43AA-9E56-C913513A2893}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{B44E7248-3EE4-43EC-AAC3-02D63E33130E}" = protocol=6 | dir=out | app=system | 

"{C508FB88-4D11-473B-AE6D-70C5C70AD6BD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{C8CD224F-2AC5-40EB-94D8-A22A13133E51}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{CA02B5E2-88BF-4B51-B3D3-F7C470CFEE6C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{DDD8E63F-BFE0-4C5D-A009-99200CE6C738}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{E195C058-8906-47F3-A7AA-6748599C6BEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{E5F8F8BC-C36F-4D7F-8072-350C05699281}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{E8A78A7B-F160-461D-BC88-75CB3236A1EB}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 

"{E929EB44-B9E6-416B-87D7-B7EDF10257C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E965A0BE-FD11-41EB-8DD9-EB0A94A55E41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{EE70A816-A8F5-4544-AFB1-F060E5942E17}" = protocol=17 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

"{F50687E8-33E2-46EB-9885-01261215ED86}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"TCP Query User{1938DDC7-D450-4625-811D-CC1A030BDEF9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"TCP Query User{343166C6-C58A-4A66-884A-32D1B0B2467F}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{DD79E304-AE76-4C92-B5B3-CD539265FEC1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"UDP Query User{F3F79924-1899-4531-975B-371D25910E44}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4

"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{0280F0D8-1542-4DAA-913C-8529E2A3835D}" = The Longest Journey

"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CA6F2DA-0DCB-4627-8A0C-858E3833769F}_is1" = And Yet It Moves 1.2.0

"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1CCF060E-91A1-4E3C-B376-DACA2D1A358A}" = PDSS.FontInstaller

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN

"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C873221-12B9-475D-8DCB-62D0B2179AF9}" = USB2.0 ATV

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{45518B6D-9DDF-4144-83E4-A56762524F35}" = USB2.0 Grabber

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL

"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{68260A58-E952-4182-A26C-A4144B230174}" = Wetter Gadget

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{86501894-E722-4385-A792-B7C2F28FAE7B}" = NetSpeedMonitor 2.5.4.0 x86

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7BDCFCC-E17A-41A4-B5CA-3CBBA241E5B0}_is1" = FluencyCoach 1.0.2.1

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw

"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR

"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]

"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension

"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.5.0.8

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DC6B4110-394D-45B9-A677-BA495D84CA63}" = Shutdown Timer

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"7-Zip" = 7-Zip 4.65

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"ALDI Foto Service D" = ALDI Foto Service

"ALDI Nord Foto Manager Free D" = ALDI Nord Foto Manager Free

"Aldi Nord Fotoservice_is1" = Aldi Nord Fotoservice

"ALDI Nord Online Druck Service D" = ALDI Nord Online Druck Service

"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio

"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander

"Ashampoo Snap_is1" = Ashampoo Snap

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)

"Avira AntiVir Desktop" = Avira Free Antivirus

"AVS Audio Editor_is1" = AVS Audio Editor 7.1

"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1

"AVS Update Manager_is1" = AVS Update Manager 1.0

"AVS Video Editor_is1" = AVS Video Editor 6

"AVS Video Recorder_is1" = AVS Video Recorder 2.4

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4

"Broken Sword - Director's Cut_is1" = Broken Sword - Director's Cut

"Broken Sword - The Sleeping Dragon" = Broken Sword - The Sleeping Dragon

"Broken Sword - The Sleeping Dragon_is1" = Broken Sword - The Sleeping Dragon

"Broken Sword II - The Smoking Mirror Director's Cut_is1" = Broken Sword II - The Smoking Mirror Director's Cut

"CCleaner" = CCleaner

"Cogs" = Cogs

"ESET Online Scanner" = ESET Online Scanner v3

"Gobliiins Pack_is1" = Gobliiins Pack

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy

"JDownloader" = JDownloader

"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Standard)

"Machinarium" = Machinarium

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400

"Matrox VFW Software Codecs" = Matrox VFW Software Codecs, build 28 

"MEDION Fotos auf CD & DVD SE Nord D" = MEDION Fotos auf CD & DVD SE Nord

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)

"Office14.SingleImage" = Microsoft Office Home and Student 2010

"OpenAL" = OpenAL

"quicktime_lite_is1" = QT Lite 4.1.0

"ScummVM_is1" = ScummVM 1.4.0

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"The Feeble Files_is1" = The Feeble Files

"VirtualCloneDrive" = VirtualCloneDrive

"VLMC" = VideoLAN Movie Creator

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

"X10Hardware" = X10 Hardware(TM)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"8e2028b333c57027" = Patholinguistische Diagnostik bei Sprachentwicklungsstörungen

"Dropbox" = Dropbox

"Tangram" = Tangram

"TimeAdjuster" = Time Adjuster STANDARD 3.1

"UnityWebPlayer" = Unity Web Player

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 28.02.2012 12:25:56 | Computer Name = Schack_Jr | Source = Application Hang | ID = 1002

Description = Programm firefox.exe, Version 10.0.2.4428 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 17c4    Startzeit:

 01ccf5fced6b24ac    Endzeit: 68    Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
 

Berichts-ID:

 e0878150-6228-11e1-a939-00262dbec614  

 

Error - 22.03.2012 03:11:25 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Name des fehlerhaften Moduls: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Ausnahmecode: 0x40000015  Fehleroffset: 0x0003c311  ID des fehlerhaften Prozesses:

 0xa34  Startzeit der fehlerhaften Anwendung: 0x01cd07faf251cf16  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Launch Manager\WButton.exe  Pfad des fehlerhaften Moduls:

 C:\Program Files\Launch Manager\WButton.exe  Berichtskennung: 3c05d309-73ee-11e1-baa0-00262dbec614

 

Error - 26.03.2012 01:59:49 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Name des fehlerhaften Moduls: WButton.exe, Version: 1.0.9.2, Zeitstempel:

 0x4b4d2d75  Ausnahmecode: 0x40000015  Fehleroffset: 0x0003c311  ID des fehlerhaften Prozesses:

 0xaa4  Startzeit der fehlerhaften Anwendung: 0x01cd0b1552848080  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Launch Manager\WButton.exe  Pfad des fehlerhaften Moduls:

 C:\Program Files\Launch Manager\WButton.exe  Berichtskennung: e5210253-7708-11e1-b5da-00262dbec614

 

Error - 15.04.2012 04:01:42 | Computer Name = Schack_Jr | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.6024.1000,

 Zeitstempel: 0x4d83e310  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,

 Zeitstempel: 0x4dace5b9  Ausnahmecode: 0xc0000417  Fehleroffset: 0x000320f0  ID des fehlerhaften

 Prozesses: 0x1394  Startzeit der fehlerhaften Anwendung: 0x01cd1ad785647a9d  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE  Pfad

 des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll

Berichtskennung:

 3c3aca1f-86d1-11e1-95a5-00262dbec614

 

Error - 24.04.2012 11:26:34 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2004

Description = 

 

Error - 24.04.2012 11:26:34 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2002

Description = 

 

Error - 25.04.2012 04:05:59 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2004

Description = 

 

Error - 25.04.2012 04:05:59 | Computer Name = Schack_Jr | Source = PerfNet | ID = 2002

Description = 

 

Error - 29.04.2012 08:24:57 | Computer Name = Schack_Jr | Source = Windows Search Service | ID = 7040

Description = 

 

Error - 29.04.2012 08:24:57 | Computer Name = Schack_Jr | Source = Windows Search Service | ID = 7042

Description = 

 

[ Media Center Events ]

Error - 28.06.2011 09:12:52 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 15:12:42 - EpgListings konnte nicht abgerufen werden (Fehler: Die 

zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)
 

 

Error - 11.09.2011 03:29:06 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:29:05 - Fehler beim Herstellen der Internetverbindung.  09:29:06 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 11.09.2011 03:29:25 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:29:11 - Fehler beim Herstellen der Internetverbindung.  09:29:11 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 27.09.2011 03:12:52 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:12:52 - Fehler beim Herstellen der Internetverbindung.  09:12:52 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 27.09.2011 03:13:07 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:12:57 - Fehler beim Herstellen der Internetverbindung.  09:12:57 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 13.12.2011 04:33:38 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:33:12 - EpgListings konnte nicht abgerufen werden (Fehler: Die 

Verbindung mit dem Remoteserver kann nicht hergestellt werden.)  

 

Error - 13.01.2012 02:59:42 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 07:59:42 - Fehler beim Herstellen der Internetverbindung.  07:59:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 13.01.2012 03:00:02 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 07:59:47 - Fehler beim Herstellen der Internetverbindung.  07:59:47 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 26.02.2012 04:52:00 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:52:00 - Fehler beim Herstellen der Internetverbindung.  09:52:00 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 26.02.2012 04:52:16 | Computer Name = Schack_Jr | Source = MCUpdate | ID = 0

Description = 09:52:05 - Fehler beim Herstellen der Internetverbindung.  09:52:05 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:14:56 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 25.04.2012 07:23:11 | Computer Name = Schack_Jr | Source = DCOM | ID = 10005

Description = 

 

Error - 25.04.2012 07:23:11 | Computer Name = Schack_Jr | Source = DCOM | ID = 10005

Description = 

 

Error - 25.04.2012 07:23:11 | Computer Name = Schack_Jr | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location

 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 26.04.2012 15:42:59 | Computer Name = Schack_Jr | Source = WMPNetworkSvc | ID = 866300

Description = 

 

Error - 26.04.2012 15:46:29 | Computer Name = Schack_Jr | Source = BROWSER | ID = 8032

Description = 

 

 

< End of report >

War es das jetzt? Es wurde ja zum Glück nichts gefunden. Vielleicht hat meine Freundin da nochmal Glück gehabt.

Gruß, ChronoJon