Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Funde: PUP.Blabbers und Trojan.Spyeyes (https://www.trojaner-board.de/123126-funde-pup-blabbers-trojan-spyeyes.html)

Linya 30.08.2012 23:24
Funde: PUP.Blabbers und Trojan.Spyeyes
 
Hallo,

Mein Browser (firefox) hat plötzlich nicht mehr funktioniert. Ich habe einen Scan meiner Festplatte C gemacht (auf ihr ist windows+firefox) mit Malwarebytes gemacht:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.08.30.04

Windows Vista Service Pack 2 x86 NTFS

30.08.2012 19:42:38
mbam-log-2012-08-30 (19-42-38).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 452014
Laufzeit: 3 Stunde(n), 12 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 4956 -> Löschen bei Neustart.

Infizierte Speichermodule: 1
C:\Program Files\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 22
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Daten: C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=kolgnaidildmdbfgdnoapjdianbpajne -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|4Y3Y0C3AYF7XZHXVRJNRFNN (Trojan.Spyeyes) -> Daten: C:\Recycle.Bin\B6232F3A9BF.exe /q -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 2
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Löschen bei Neustart.
C:\Recycle.Bin (Trojan.Spyeyes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 15
C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Löschen bei Neustart.
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Recycle.Bin\B6232F3A9BF.exe (Trojan.Spyeyes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Löschen bei Neustart.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Recycle.Bin\72FF43F4DA86753 (Trojan.Spyeyes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Während des Scans bekam ich vom Echtzeitscanner von Avira folgende Meldung TR/Dldr.Zamelcat.A.28 (steckt jetzt in der Quarantäne)
Einen Scan mit Avira habe ich noch nicht gemacht.

Danach habe ich diesen Beitrag gelesen: http://www.trojaner-board.de/122676-...-blabbers.html und anschließend noch AdwCleaner über meinen Pc laufen lassen:

# AdwCleaner v2.000 - Datei am 08/30/2012 um 23:57:39 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Jenny\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\searchplugins\Conduit.xml
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\Program Files\MessengerPlusLive_Germany_TB
Ordner Gefunden : C:\Users\Jenny\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Jenny\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\Jenny\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Jenny\AppData\LocalLow\MessengerPlusLive_Germany_TB
Ordner Gefunden : C:\Users\Jenny\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\Conduit
Ordner Gefunden : C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\MessengerPlusLive_Germany_TB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\BrowserCompanion
Schlüssel Gefunden : HKCU\Software\Headlight
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MessengerPlusLive_Germany_TB Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E3844CBB-E6FE-4EC2-A37C-77C29EBC4530}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E3844CBB-E6FE-4EC2-A37C-77C29EBC4530}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2719325
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gefunden : HKLM\Software\MessengerPlusLive_Germany_TB
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E3844CBB-E6FE-4EC2-A37C-77C29EBC4530}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MessengerPlusLive_Germany_TB Toolbar
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{76AEEA42-E04A-4B62-83AB-DF4B2BE2541E}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19298

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default [Profil par défaut]
Datei : C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\prefs.js

[OK] Die Datei ist sauber.

Profilname : Jey
Datei : C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\37oveq13.Jey\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4998 octets] - [30/08/2012 23:57:39]

########## EOF - C:\AdwCleaner[R1].txt - [5058 octets] ##########

kira 31.08.2012 07:41
Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du durch [X] oder Sternchen (*) ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)
Hilfeleistung - geplante Vorgehensweise:
  • Problemsuche
  • Problembeseitigung/Systembereinigung
  • Verwendete Programme deinstallieren/entfernen
  • Thema abschließen: Tipps zur Computersicherheit
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Mache Häckchen bei LOP- und Purity-Prüfung
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

2.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
  • Download den CCleaner herunter
  • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
  • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
  • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira

Linya 31.08.2012 10:01
Vielen Dank für die Hilfe :-)

Hier sind die logfiles von OTL:
OTL Logfile:
Code:
OTL logfile created on: 31.08.2012 10:28:24 - Run 1
OTL by OldTimer - Version 3.2.59.1    Folder = C:\Users\Jenny\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,53% Memory free
6,19 Gb Paging File | 4,44 Gb Available in Paging File | 71,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 46,63 Gb Free Space | 32,37% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 15,23 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
 
Computer Name: XXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jenny\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Jenny\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
PRC - C:\Programme\Google\Update\1.3.21.115\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\BingBar\7.1.364.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Programme\Microsoft\BingBar\7.1.364.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Bamboo Dock\BambooCore.exe ()
PRC - C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe ()
PRC - C:\Programme\DGS\dgsnetd.exe ()
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\Jenny\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\Common Files\SPBA\upeksvr.exe (UPEK Inc.)
PRC - C:\Windows\System32\lxbkcoms.exe ( )
PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Windows\PLFSetI.exe ()
PRC - D:\Programme\RocketDock\RocketDock.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Programme\Bamboo Dock\BambooCore.exe ()
MOD - C:\Programme\Tablet\Pen\libxml2.dll ()
MOD - C:\Programme\Yuna Software\Messenger Plus!\Detour32.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\DGS\dgsnetd.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Windows\System32\SysHook.dll ()
MOD - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - D:\Programme\RocketDock\RocketDock.exe ()
MOD - D:\Programme\RocketDock\RocketDock.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_5891ae0.dll ()
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\7.1.364.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\7.1.364.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (mi-raysat_3dsmax2011_32) -- C:\Programme\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe ()
SRV - (DGSnetd) -- C:\Programme\DGS\dgsnetd.exe ()
SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (lxbk_device) -- C:\Windows\System32\lxbkcoms.exe ( )
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
SRV - (Adobe Version Cue CS3) -- C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WacomVKHid) -- system32\DRIVERS\WacomVKHid.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (npkcrypt) -- D:\Spiele\setups\MastelaRO Full Client\npkcrypt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (akshasp) -- C:\Windows\System32\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (hardlock) -- C:\Windows\System32\drivers\hardlock.sys (SafeNet Inc.)
DRV - (aksusb) -- C:\Windows\System32\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (FlashUSB) -- C:\Windows\System32\drivers\FlashUSB.sys (Danish Wireless Design A/S)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation)
DRV - (AlfaFF) -- C:\Windows\System32\drivers\AlfaFF.sys (Alfa Corporation)
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (iviVD) -- C:\Windows\System32\drivers\iviVD.sys (InterVideo)
DRV - (PenClass) -- C:\Windows\System32\drivers\penclass.sys (Wacom Technology Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=XxWLx4A74_tnGbmr9JOO-sxy-7c?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44079
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.13 17:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.01 18:42:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.29 15:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.15 16:47:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\version4\components [2011.06.14 17:04:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\version4\plugins [2012.03.01 18:42:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.13 17:41:53 | 000,000,000 | ---D | M]
 
[2009.01.27 22:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Extensions
[2012.08.11 14:51:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions
[2010.04.30 22:55:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.20 21:43:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.29 21:42:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.08.19 21:09:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(147)
[2010.08.19 21:09:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(148)
[2012.04.08 10:11:02 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com
[2011.02.17 00:34:07 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\tineye@ideeinc.com
[2010.01.20 12:19:10 | 000,000,923 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\searchplugins\conduit.xml
[2012.08.28 21:44:50 | 000,001,056 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\searchplugins\icqplugin.xml
[2012.08.29 15:46:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.05.01 00:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\version4\extensions
[2011.05.01 00:11:48 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\version4\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.10.29 21:09:53 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\JENNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\743HBU9Z.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012.08.25 04:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin:  (Enabled) = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Foxkeh Theme = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdfmcddmngjdmjmhhpcnbnmnkdhpjhef\0.0.5_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\Microsoft\BingBar\7.1.364.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.364.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (MessengerPlusLive Germany TB Toolbar) - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [BambooCore] C:\Programme\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartDGSnetd] C:\Programme\DGS\dgsnetd.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jenny\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [RocketDock] D:\Programme\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Local security authentication server.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: An vorhandenes PDF anfügen - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\icq\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\icq\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox - No CLSID value found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.02 22:51:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{53bd4665-10de-11e0-9874-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{53bd4665-10de-11e0-9874-00238b1c35d8}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe
O33 - MountPoints2\{669f3535-356b-11e1-8007-002269ddee37}\Shell - "" = AutoRun
O33 - MountPoints2\{669f3535-356b-11e1-8007-002269ddee37}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{669f3536-356b-11e1-8007-002269ddee37}\Shell - "" = AutoRun
O33 - MountPoints2\{669f3536-356b-11e1-8007-002269ddee37}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.31 10:27:05 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jenny\Desktop\OTL.exe
[2012.08.31 10:22:05 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E375D325-143A-43A7-A519-61A1C9D500B4}
[2012.08.30 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FC05CAF2-DDD5-4271-B1F1-ABAEE7AEF83A}
[2012.08.30 13:35:32 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\Profiles
[2012.08.30 13:08:30 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\743hbu9z.default
[2012.08.30 10:21:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{75513B9D-D703-4963-86DD-443587B5B92D}
[2012.08.29 15:12:23 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{628E1020-0280-4559-822A-56639F0EC5A1}
[2012.08.28 11:42:12 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{A301DAB2-8D8F-4C17-83DE-F1B635D1426D}
[2012.08.27 18:08:15 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{56ECC2C0-F7FD-4E7D-8129-C97D628F6822}
[2012.08.26 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\Neuer Ordner
[2012.08.26 09:17:46 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{F60A620D-CBA8-45CB-818D-3889C6594C09}
[2012.08.25 13:28:04 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1E19FFD3-EF94-40D9-9A1D-12F15A50D8DE}
[2012.08.24 16:47:47 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FC6CED50-E4BE-42D3-B2BD-473B94E3170F}
[2012.08.23 22:51:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{4A4EB1BB-6349-4C66-A3AE-D0BD2F5B4993}
[2012.08.23 10:50:50 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{28FB832A-91CD-48EE-BCF9-8850A31DCF5E}
[2012.08.22 10:15:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{8E8C1E43-278D-43D2-81F2-1B25559C3B0F}
[2012.08.21 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{C4F497D5-AEDD-4AE5-A7C3-4AD7CCC35962}
[2012.08.20 22:52:24 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{DDD14536-F76F-4A3F-966A-DA1B4EB7897B}
[2012.08.20 11:07:46 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.20 11:01:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.20 11:01:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.20 11:01:30 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.20 11:01:30 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.08.20 11:01:30 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.08.20 11:01:29 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.08.20 11:01:29 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.08.20 11:01:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.08.20 11:01:29 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.20 11:01:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.08.20 11:01:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.08.20 11:01:29 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.08.20 11:01:29 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.08.20 11:01:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.08.20 11:01:28 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.20 11:01:28 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.08.20 11:01:28 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.20 11:01:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.08.20 10:52:08 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{33541514-8C76-43D3-A30E-94E8599DC555}
[2012.08.19 19:55:45 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{D727D75B-CA0D-457B-B127-6205A6E544F1}
[2012.08.18 20:46:19 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E68A5A6B-232B-4959-9392-2C2D01D5C5B3}
[2012.08.18 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1ACEAB98-F114-4743-8BA5-6E718CF7F6E0}
[2012.08.17 16:08:34 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{C9D6317B-E179-4DE7-9F60-6FB1A50194E9}
[2012.08.17 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{3E260075-0AC8-411B-8760-2375BC11689B}
[2012.08.16 21:58:17 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{10C3ABE8-0035-4D27-A8C1-0A843606DA31}
[2012.08.16 09:58:00 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{985ABF91-167C-445D-A4DE-E0AB14E9BADD}
[2012.08.16 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{22783D17-7C37-48F8-9B8A-A38FE8D92C1B}
[2012.08.15 18:14:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{9CBD5DCB-6D5F-4055-B4EA-E516E0CC44E8}
[2012.08.15 18:14:28 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{4AC2238A-A41B-4200-B0EF-6113ACCE1FC8}
[2012.08.14 14:24:59 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{9A770879-7A13-4685-9686-525AD1987F36}
[2012.08.14 14:24:55 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{DC85DFCC-0DE1-46EE-96FB-80E1E1D05918}
[2012.08.13 19:48:51 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{8C606F86-FB55-48C5-9AF4-5A60423F5F4E}
[2012.08.13 19:48:47 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{EAB836C9-5D9D-42DB-AE85-EA2192E82A99}
[2012.08.13 07:48:21 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1CA72312-D287-4210-B24F-1EDA7AEB2FBB}
[2012.08.13 07:48:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{ED896EE9-A3AC-43A7-9BE5-FE93E2A2BA25}
[2012.08.12 12:49:36 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{D89DCEFA-1351-4F58-97AE-0203DC3CA376}
[2012.08.12 12:49:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{EF1C9239-4DD0-4B34-B9A2-C00972C16096}
[2012.08.11 14:49:06 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E9C74C1F-03D7-4543-A0D7-5F43F4927DF9}
[2012.08.11 14:49:03 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1779E30E-C28C-4838-9B86-46435243D126}
[2012.08.10 17:38:15 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B485E729-89A1-40EC-9D5C-C5BADD87FB24}
[2012.08.10 17:38:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{04C0137A-5BF1-4326-BE44-3EA97C5A9687}
[2012.08.09 16:13:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{F08F020C-1F6B-4277-B913-4FEFD912DC1C}
[2012.08.09 16:13:21 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{6538CCE4-5C76-40DB-903C-6F3198ADAB30}
[2012.08.08 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{7A260BEF-FD13-4865-9AA9-C80617C7FF34}
[2012.08.08 16:38:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{58C146BD-AA54-4F15-A340-AC69371FBA87}
[2012.08.07 21:32:48 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.08.07 16:47:09 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{5B2D35CB-0C5A-4952-BE52-5E175C01E43F}
[2012.08.07 16:47:05 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{80C55C10-E0C6-4A1F-9CFD-E19C5B3DCDCF}
[2012.08.06 13:06:59 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E5ACFDF6-FF99-4258-8BD0-016094979E28}
[2012.08.06 13:06:54 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FF6E6317-2E4F-4C1B-8D56-9903781CFCD8}
[2012.08.05 15:26:55 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B851BA96-7EB4-4B17-ACE7-095C724C37B1}
[2012.08.05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1953354E-6BF2-46E0-BB62-746703108C7A}
[2012.08.04 14:42:30 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{7973F559-9879-4849-B7E7-21419DE51407}
[2012.08.04 14:42:26 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{7EFAF018-B6CA-4247-9F06-DD0782B400A5}
[2012.08.03 17:43:57 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{70391954-D52A-4C11-BBD8-4F0E84912D73}
[2012.08.03 17:43:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{3F54C839-2DA8-4CDA-AD9A-1403FF39BF45}
[2012.08.02 15:36:49 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{470F948C-A655-4643-8E9F-DF4764554774}
[2012.08.02 15:36:44 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{4B0990C4-A5EF-4238-9788-536653C07D87}
[2012.08.01 18:29:54 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{9FF88674-8220-47A5-A14B-01770264439A}
[2012.08.01 18:29:50 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{21E2466E-8C60-48ED-A066-0D7EC2F53EDA}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jenny\Documents\*.tmp files -> C:\Users\Jenny\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.31 10:27:08 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny\Desktop\OTL.exe
[2012.08.31 10:27:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.31 10:18:08 | 000,069,885 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.08.31 10:17:49 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.08.31 10:17:28 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.31 10:17:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.31 10:17:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.31 10:17:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.31 10:16:49 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.31 00:32:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.08.30 23:57:10 | 000,511,265 | ---- | M] () -- C:\Users\Jenny\Desktop\adwcleaner.exe
[2012.08.30 20:06:58 | 000,196,608 | ---- | M] () -- C:\Users\Jenny\Desktop\Favicons
[2012.08.30 19:48:51 | 000,908,794 | ---- | M] () -- C:\Users\Jenny\Desktop\firefox.jpg
[2012.08.30 19:48:30 | 000,963,676 | ---- | M] () -- C:\Users\Jenny\Desktop\chrome.jpg
[2012.08.30 19:40:07 | 000,000,688 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.30 18:50:35 | 000,004,165 | ---- | M] () -- C:\Users\Jenny\Desktop\fox.gif
[2012.08.30 18:46:29 | 000,004,165 | ---- | M] () -- C:\Users\Jenny\Desktop\pyong_raposa_fox-05.gif
[2012.08.30 14:16:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.08.30 14:09:14 | 000,267,596 | ---- | M] () -- C:\Users\Jenny\Desktop\java.jpg
[2012.08.30 14:03:29 | 000,314,008 | ---- | M] () -- C:\Users\Jenny\Desktop\bookmarks.html
[2012.08.30 13:09:57 | 000,121,230 | ---- | M] () -- C:\Users\Jenny\Desktop\bookmarks-2012-08-30.json
[2012.08.29 19:03:09 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.29 19:03:09 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.27 00:08:03 | 000,069,885 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.08.26 22:09:36 | 000,220,160 | ---- | M] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.23 17:00:27 | 000,000,680 | ---- | M] () -- C:\Users\Jenny\AppData\Local\d3d9caps.dat
[2012.08.21 15:24:03 | 000,628,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.21 15:24:03 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.21 15:24:03 | 000,126,704 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.21 15:24:03 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.21 15:16:29 | 002,543,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.19 19:51:02 | 213,535,416 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.08.13 10:08:36 | 000,007,962 | ---- | M] () -- C:\cc_20120813_100832.reg
[2012.08.13 09:57:34 | 000,002,299 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\acervcmtmp.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jenny\Documents\*.tmp files -> C:\Users\Jenny\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.30 23:57:01 | 000,511,265 | ---- | C] () -- C:\Users\Jenny\Desktop\adwcleaner.exe
[2012.08.30 19:48:49 | 000,908,794 | ---- | C] () -- C:\Users\Jenny\Desktop\firefox.jpg
[2012.08.30 19:48:28 | 000,963,676 | ---- | C] () -- C:\Users\Jenny\Desktop\chrome.jpg
[2012.08.30 19:40:07 | 000,000,688 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.30 18:50:34 | 000,004,165 | ---- | C] () -- C:\Users\Jenny\Desktop\fox.gif
[2012.08.30 18:46:37 | 000,004,165 | ---- | C] () -- C:\Users\Jenny\Desktop\pyong_raposa_fox-05.gif
[2012.08.30 14:09:12 | 000,267,596 | ---- | C] () -- C:\Users\Jenny\Desktop\java.jpg
[2012.08.30 14:03:29 | 000,314,008 | ---- | C] () -- C:\Users\Jenny\Desktop\bookmarks.html
[2012.08.30 13:09:57 | 000,121,230 | ---- | C] () -- C:\Users\Jenny\Desktop\bookmarks-2012-08-30.json
[2012.08.19 19:51:02 | 213,535,416 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.08.13 10:08:35 | 000,007,962 | ---- | C] () -- C:\cc_20120813_100832.reg
[2011.12.28 22:42:43 | 000,153,936 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.12.26 22:42:10 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2011.12.23 01:03:57 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.12.21 20:27:57 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.12.21 20:27:57 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.12.21 20:27:56 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll
[2011.09.06 22:41:28 | 000,000,314 | ---- | C] () -- C:\Windows\wininit.ini
[2011.07.26 14:35:22 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.06.23 17:31:10 | 000,000,275 | ---- | C] () -- C:\Users\Jenny\AppData\Local\HamsterVideoConverterSettings.cfg
[2011.02.06 15:16:59 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.02.06 15:16:59 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.01.20 23:23:44 | 000,200,704 | ---- | C] () -- C:\Windows\System32\BongoSDK.10.v40.dll
[2011.01.04 10:56:56 | 001,630,700 | ---- | C] () -- C:\Program Files\dgs_install.zip
[2011.01.04 10:56:12 | 000,022,376 | -H-- | C] () -- C:\Users\Jenny\.sw-main934
[2011.01.04 10:56:12 | 000,002,560 | -H-- | C] () -- C:\Users\Jenny\.sw-recents
[2010.09.13 17:31:10 | 000,197,053 | ---- | C] () -- C:\Windows\hpwins27.dat
[2010.08.29 21:36:18 | 000,000,093 | ---- | C] () -- C:\Users\Jenny\AppData\Local\fusioncache.dat
[2009.12.29 03:06:59 | 000,000,680 | ---- | C] () -- C:\Users\Jenny\AppData\Local\d3d9caps.dat
[2009.02.01 13:33:46 | 000,220,160 | ---- | C] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.30 21:06:56 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.01.27 19:11:27 | 000,002,299 | ---- | C] () -- C:\Users\Jenny\AppData\Roaming\acervcmtmp.ini
[2009.01.27 18:15:05 | 000,069,885 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.27 18:12:48 | 000,069,885 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2009.02.07 01:05:03 | 000,000,000 | -HSD | M] -- C:\Users\Jenny\AppData\Roaming\.#
[2009.02.17 22:25:49 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Acer
[2008.07.30 04:10:28 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Acer GameZone Console
[2011.10.29 20:40:26 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Atari
[2011.01.30 21:58:04 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Autodesk
[2010.01.30 13:01:10 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Blender Foundation
[2011.12.25 13:04:25 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\com.gugga.radiomini
[2012.07.25 11:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DAEMON Tools Lite
[2012.08.13 09:57:19 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Dropbox
[2011.12.22 01:22:50 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoft
[2011.07.20 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.01.27 18:16:29 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\eSobi
[2011.06.23 23:02:57 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\FreeFLVConverter
[2010.08.25 14:45:53 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\GetRightToGo
[2011.11.06 23:03:06 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\IcoFX
[2011.08.21 00:51:13 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\ICQ
[2009.08.30 16:45:27 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\LG Electronics
[2010.01.29 00:06:56 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Morpheus Software
[2011.10.29 23:24:11 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Mp3tag
[2011.10.29 23:11:33 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\MusicBrainz
[2011.08.13 00:21:35 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Nvu
[2009.10.14 20:36:24 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\OpenOffice.org
[2010.08.22 11:52:58 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\PlayFirst
[2010.04.01 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SecondLife
[2009.08.25 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SPORE Creature Creator
[2010.02.04 11:06:57 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\STOIK
[2010.05.10 22:09:07 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\TS3Client
[2010.08.29 21:53:54 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Turbine
[2012.07.24 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\uTorrent
[2011.12.25 11:50:07 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wacom
[2011.12.25 11:56:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2010.10.08 12:42:01 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Windows Live Writer
[2012.08.31 00:32:52 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 353 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:2B99FE60

< End of report >
--- --- ---

Code:
OTL Extras logfile created on: 31.08.2012 10:28:24 - Run 1
OTL by OldTimer - Version 3.2.59.1    Folder = C:\Users\Jenny\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,53% Memory free
6,19 Gb Paging File | 4,44 Gb Available in Paging File | 71,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 46,63 Gb Free Space | 32,37% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 15,23 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
 
Computer Name: XXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "D:\Programme\dm Fotowelt\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- D:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [dm Fotowelt] -- "D:\Programme\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [dm-Fotowelt] -- "D:\Programme\dm Fotowelt\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C38445-AF55-4626-ABEA-F4A0475BBDAD}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{0B94C6F8-B1FA-46E7-A81E-768D35F22CB1}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{1FC0F839-89C0-444E-B0EA-2F2E49C3CFAA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{31C3CCD8-BFE8-49AB-B971-FB7C3FC6CF09}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{59438DE2-21FE-490E-A004-E2A0D8DC75ED}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{70710AFC-B322-48A1-B7D1-E764C883D823}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{8A4AD6A8-10B0-478B-8A04-E6483AC32C10}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{9061396F-2AEF-43CA-A884-777597A80971}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E639AADE-359D-4FAD-A942-72083826C63B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FC980B70-A17B-47A6-86C1-B0540A7F919F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0311C8B4-F137-4B20-883B-FA4DFBD40991}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{0D66F652-EB71-4C4F-B4F2-8783AB710EE2}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{0F472933-D79C-422F-89DE-272C10DE7F43}" = protocol=17 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{14B0664F-D1FC-40D1-8C29-49D7F23BFDDE}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{170F9811-0166-4F95-BC07-111DE0B6FD37}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{18911FCF-CEA1-4001-9B2A-10874B579CE9}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{1CA1BEED-350E-40F3-AC52-8C96C117F7B9}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{1F459D85-0657-4CAF-A5F9-21BD94091F70}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{2362F9B1-6FE0-4148-A122-D03B0130994D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{2567D9BA-2DEF-41E8-ABC0-8ADB06020566}" = protocol=17 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{28F66114-24E9-4EFA-BC8A-8965E95CCD61}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{292C16F0-F366-43E3-A613-8AB770CBA549}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{29C885BE-D034-4466-9F8A-5E7FEBD52DD6}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{2BBC3EB7-EE27-4F0E-8566-4A5F16A65A66}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{335D6608-33D4-457C-A0B0-7974467429A5}" = protocol=6 | dir=in | app=c:\program files\3dsmax\3dsmax.exe |
"{352E3AA6-B708-4254-A3D7-C05911FC6361}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{3673E242-38DB-415C-81CD-F767E62534FE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{392B28F9-BC0E-452C-8593-B5688ADB4E54}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{44DC91F9-B3FD-4C00-B8D3-844D0A8C4BF7}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{45502E4E-092F-49B1-AC06-D43B9E95AEA6}" = protocol=6 | dir=in | app=d:\spiele\ragnarok\ragexe.exe |
"{455B5C15-BB02-4A13-875B-622C0BE5C55A}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{485E181B-D509-408C-BD5A-33B49E26F589}" = protocol=17 | dir=in | app=c:\program files\3dsmax\3dsmax.exe |
"{4CFF1A8E-E564-4E4E-96E2-73F6BF44ACF3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{4D0A3162-B233-448A-ACEF-878F5E341A2C}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{4FFF76A4-5133-4FB0-B56E-384BF524FDA9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{537DB8E8-1770-4AD0-8998-2870E54D74E9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{55782BB4-ED83-46B5-AB93-93F9ECCB4B99}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{5F1B3C69-935D-440F-A7F2-F99B656C379A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"{6076B964-0B75-40A9-BD76-59A67F1DA942}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{6702E16E-13F4-43F3-A5EB-4EFCC112BD94}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{6DC490AB-9AFF-4D24-80FE-CB63D645A6C7}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{75C189BF-AAD7-47C7-A678-89E0B4D66543}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{760648AA-C2FC-4CC3-9D7D-50D5CA29E873}" = protocol=6 | dir=in | app=c:\users\jenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{76A459A5-9788-4A0E-8017-76C2F21FBC5C}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{7BD65B90-A3F1-4D8C-9E90-4999B8EBA804}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{7CDCD324-993C-4E4F-B63E-9C876C176A82}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{83E3B3EA-4E60-439C-9E7B-0F15DB6189B4}" = protocol=6 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{85B6ED77-B12A-4D6A-B9DB-077CC791512E}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{866CCA5A-D05E-4882-9634-3D51C5FBBDBC}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{87B0F00A-9CBC-435B-9CE9-5D1980C13A2D}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{87C42BB4-C805-493A-A0E1-70D9C4BC882B}" = protocol=17 | dir=in | app=d:\spiele\ragnarok\ragexe.exe |
"{8D47434F-0F66-4966-88EE-606054D649FC}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{931E510E-0385-4290-9015-1A05D2A94E0F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{970E2153-184F-482B-9B86-B46EAE130CBB}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{9F4341BF-F16F-44C2-8E08-10B9314832AC}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{A5A42F72-BB21-4A40-B82B-E259C1E6CED8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A8233CF2-CAAD-4B41-A95E-62ADF6B4089A}" = protocol=17 | dir=in | app=c:\users\jenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{B098FDAA-B8EF-41A9-B3DA-DE9E10CE9B39}" = protocol=6 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{B3D45A7D-8AD2-4E2C-8D15-B27610520A8F}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{B5F70D68-3AF0-49BE-8EE1-008C314E2422}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BA1EE302-8125-4E4E-8B73-FEAC23C3F9EA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{BEEEEE1F-50B1-48DF-B05F-7ACE0E6D17B3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{BFFCA3C9-3B96-4A2F-AB3E-EB8B021F0602}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{C67B2A5E-7B01-4D17-AF42-8111E9881A22}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{C89FFB57-F7D2-43D9-B3E9-816A9A45D866}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{D0E50ACD-136C-4D0C-99A9-4E4DBADBE0B0}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{D351F1A2-CD85-4A0F-BDFE-5887CB0D9CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{D50664DD-ECC8-4F91-A336-133D57FD409C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{D610B657-85EF-43E0-9B11-4AF8A0911D53}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{D8C63FD1-5080-40C1-81C5-C9C50F79250C}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{D9277855-0A29-4403-87C3-88B0F208C0D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E4447BF4-83FE-4B2F-8D0D-CEA7B40F5103}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{EB5E3053-93A1-4ED7-ACEC-56BCBC7A7E62}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{ECD3ADF2-C36E-41C7-8E2E-7A8069B8290A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{F379E883-67C7-49F2-8958-99E77B830FD4}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{F43D50A6-552F-4C8E-882A-C1545396EA2E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F7D4A726-BB20-4E35-AE4D-ADB61B8E03DA}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{F9AB76AD-8DF8-48E5-8F91-D061ACF73245}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{FA2ECDDF-BEE2-4314-8042-55BD183D8352}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{FC5D96DE-DC96-46EA-BF95-D6913E392B95}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{FCBB9AB1-EE62-4319-AD18-7FE994F6B25D}" = dir=in | app=d:\programme\powerdirector\powerdirector\pdr.exe |
"{FD95881C-1730-44A6-8ECE-F3EFA94F8085}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"TCP Query User{28C89E53-407E-4F82-9AAF-E031AA7AC942}D:\spiele\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=d:\spiele\secondlifeviewer2\slvoice.exe |
"TCP Query User{2ACC8F31-027B-4DD0-88A2-919855AF0B28}C:\program files\rhinoceros 4.0\system\rhino4.exe" = protocol=6 | dir=in | app=c:\program files\rhinoceros 4.0\system\rhino4.exe |
"TCP Query User{3904D328-5B4D-4846-8BDF-E4050CAAA929}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{56A72E0D-2DFE-40F1-BB84-8D515BC1C0CE}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{5DD841DE-8109-4FA8-8549-E4EDA6F3BC5B}C:\users\jenny\desktop\scitysetup_19235222.exe" = protocol=6 | dir=in | app=c:\users\jenny\desktop\scitysetup_19235222.exe |
"TCP Query User{6CD73801-AA15-418E-A8DB-B6F272A42BD0}C:\programdata\asgvis\drspawner\drspawner.exe" = protocol=6 | dir=in | app=c:\programdata\asgvis\drspawner\drspawner.exe |
"TCP Query User{8E9F7AC9-4CD8-4C70-8CC1-D4FABCA565A6}D:\programme\kaspersky\setup.exe" = protocol=6 | dir=in | app=d:\programme\kaspersky\setup.exe |
"TCP Query User{8FCC004E-88E9-4D3A-9155-52AF6C668E35}D:\programme\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programme\winamp\winamp.exe |
"TCP Query User{90056987-C9AE-419D-96D7-5FB7189A10C0}C:\users\jenny\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jenny\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9E03B506-EBE3-45BC-A021-897E7C7D1CAE}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{A7ECC04B-A9ED-42D1-B021-73C8EC71B456}D:\programme\musicbrainz picard\picard.exe" = protocol=6 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"TCP Query User{BBCCDE66-35B7-4B19-A6CA-EC3DE8A9E794}D:\programme\icq\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq\icq6.5\icq.exe |
"TCP Query User{C0138E9F-7D71-4FEA-AC87-90D72D923183}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{C5236DDA-48EB-4C0A-9DA4-B8758E3424BA}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D3B4D646-6E9B-459D-B57F-DEF0F41248A7}D:\spiele\spore\eadm\core.exe" = protocol=6 | dir=in | app=d:\spiele\spore\eadm\core.exe |
"TCP Query User{F73FAEF9-AAA5-481F-85E7-98BB08F4B40D}C:\program files\dgs\dgsnetd.exe" = protocol=6 | dir=in | app=c:\program files\dgs\dgsnetd.exe |
"UDP Query User{192570D0-446D-400D-8DCD-0984BED180CA}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{1DF102CB-4124-4E1F-B8F2-809F2201A2B5}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{29DE9ED9-D40C-4EDE-AC9D-A1F7C58BD65C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{2BF9BCCC-7E76-4EEF-A889-A3B1793589D0}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{398360B7-0871-4AC0-B0C0-B2CA6C728D9B}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{445F0964-0074-4B59-A59C-8F21ABE70022}C:\users\jenny\desktop\scitysetup_19235222.exe" = protocol=17 | dir=in | app=c:\users\jenny\desktop\scitysetup_19235222.exe |
"UDP Query User{51059E3C-8AC8-4A9F-9B5E-EABA4AE3775B}C:\programdata\asgvis\drspawner\drspawner.exe" = protocol=17 | dir=in | app=c:\programdata\asgvis\drspawner\drspawner.exe |
"UDP Query User{8DC30B06-87DF-452C-8F3D-A5FBF3048230}D:\spiele\spore\eadm\core.exe" = protocol=17 | dir=in | app=d:\spiele\spore\eadm\core.exe |
"UDP Query User{9B5E1074-6FCF-42E3-BE9C-82E27C864B83}D:\programme\icq\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq\icq6.5\icq.exe |
"UDP Query User{A3335517-B7F2-43E3-A9BF-988CF3AAD971}D:\spiele\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=d:\spiele\secondlifeviewer2\slvoice.exe |
"UDP Query User{A7CC504C-D2D7-4645-97A6-BCF004CC657A}C:\program files\rhinoceros 4.0\system\rhino4.exe" = protocol=17 | dir=in | app=c:\program files\rhinoceros 4.0\system\rhino4.exe |
"UDP Query User{B4A6FB27-E861-487B-BBD1-976261AF1DE4}D:\programme\musicbrainz picard\picard.exe" = protocol=17 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"UDP Query User{C6E3F91F-D1F6-451A-BED3-6C2BD3F1B938}D:\programme\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programme\winamp\winamp.exe |
"UDP Query User{D8F48742-8BDA-4C4D-B3F9-BF9538239B4A}C:\users\jenny\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jenny\appdata\local\akamai\netsession_win.exe |
"UDP Query User{E5E79DF0-0D00-4547-869D-39E49301D009}D:\programme\kaspersky\setup.exe" = protocol=17 | dir=in | app=d:\programme\kaspersky\setup.exe |
"UDP Query User{F9D449BE-AC3E-4599-A138-B56330A9DA7E}C:\program files\dgs\dgsnetd.exe" = protocol=17 | dir=in | app=c:\program files\dgs\dgsnetd.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6400
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}" = 4500G510af_Software_Min
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40625DE4-DCDB-44FE-84B5-E65F1365BF44}" = V-Ray for Rhinoceros
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{4393DE35-AD67-4F37-95E4-30F06EA0FDB2}" = Adobe Creative Suite 3 Design Premium
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EAB69C5-7763-4BB8-9D06-733292AA6E0C}" = Bing Bar
"{50A76A32-8D75-4839-815C-93054CFD436B}" = V-Ray for Rhinoceros
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5518E08A-2053-4A3E-85B2-F912D4666C9F}" = Adobe Setup
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579F16AF-AFA0-488C-BE83-71F4C92EC216}" = V-Ray for Rhinoceros
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67574624-BF0F-0407-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-Bit
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{762EBEC5-7ADC-48DC-ADDE-882616730050}" = TransType Pro
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C32C567-DC0F-4C80-B06C-7873850A2E06}" = Die Sims - Tierisch gut drauf
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8058F9B8-68C6-4769-A1F2-994C4529B2C6}" = V-Ray for Rhinoceros
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9F50F9-BA6F-47c5-990B-76A74A1C68B0}" = 4500G510af
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8DF8593-F619-47DE-AD27-BCABF233433A}" = STOIK Video Converter 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = Die Sims 2 HomeCrafter Plus
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C167A588-87AA-47BF-A88E-5B0F9A14480D}" = InterVideo DVDCopy5
"{C175D5B0-ED04-42C9-B23F-D8BD406173E7}" = 4500_G510af_Help
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{C98517B6-DCE9-49B7-B19E-E384178D3986}" = HP Officejet 4500 G510a-f
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCBC3666-5199-4702-B052-2C58FCA6EFF9}" = Rhinoceros 4.0 SR4b
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFCA7747-0813-AEBA-886F-732E1CBD79EA}" = MoodTuner
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D57F1897-D0F5-4E5F-99BA-80815B43283A}" = Rhinoceros 4.0 SR4
"{D7960C39-E3FD-4B46-8E97-A1E9D128F913}" = Rhinoceros 4.0 SR3
"{D9FE1AFC-8C6D-484F-B3FD-E50780153234}" = Evernote
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4A0225B-A975-416C-8CF7-C1C025FD32D6}" = YP-U1
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = Die Sims™ 2 Party-Accessoires
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Labor Basisversion
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA52513B-03C2-4631-BE42-03ACF9226179}" = Tablett
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Acer Acer Bio Protection 6.0.00.17" = Acer Bio Protection

AAU 6.0.00.17
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_061850775b1c6d22bf2a145678e05e0" = Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen
"Akamai" = Akamai NetSession Interface Service
"AnyDVD" = AnyDVD
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bamboo Dock" = Bamboo Dock
"CamStudio" = CamStudio
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner
"CEP - Colour Enable Packages_is1" = CEP - Color Enable Package
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.gugga.radiomini" = MoodTuner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dark and Light1.0.14.01" = Dark and Light
"DGS Portrait2" = DGS Portrait2
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"dm Fotowelt" = dm Fotowelt
"dm-Fotowelt" = dm-Fotowelt
"DPP" = Canon Utilities Digital Photo Professional 3.1
"EADM" = EA Download Manager
"EOS 20D WIA Driver" = EOS 20D WIA Driver
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Flamingo 1.1" = Flamingo 1.1
"Flamingo 1.1 for Rhino 4.0" = Flamingo 1.1 for Rhino 4.0
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free FLV Converter_is1" = Free FLV Converter V 6.98.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameWiz32" = GameWiz32
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"Guild Wars" = GUILD WARS
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"IcoFX_is1" = IcoFX 1.6.4
"Id3Sort Version 1.3.0.13_is1" = Id3Sort Version, 1.3.0.13
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{FA52513B-03C2-4631-BE42-03ACF9226179}" = Tablett
"Lexmark X1100 Series" = Lexmark X1100 Series
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Messenger Plus!" = Messenger Plus! 5
"MessengerPlusLive_Germany_TB Toolbar" = MessengerPlusLive Germany TB Toolbar
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"MusicBrainz Picard" = MusicBrainz Picard
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"myGamersCam" = myGamersCam 1.2
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"ODSK" = Canon Utilities Original Data Security Tools
"Pen Tablet Driver" = Bamboo
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Ramsete III" = Ramsete III
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Rhino RDK" = Rhino RDK
"Rhinoceros 3.0" = Rhinoceros 3.0
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"ST6UNST #1" = Ramsete 2.70
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tomb Raider: Anniversary Demo" = Tomb Raider: Anniversary Demo 1.0
"T-Splines for Rhino" = T-Splines for Rhino
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft Set up ASR 3.1 Pro" = Wisdom-soft Set up ASR 3.1 Pro
"Word8.0" = Microsoft Word 97
"Zoo Tycoon 1.0" = Zoo Tycoon-Erweiterungen
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"World of Warcraft Trial" = Probeversion von World of Warcraft
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 27.08.2012 13:48:53 | Computer Name = Kessy | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Acrobat.exe, Version 8.0.0.456, Zeitstempel
0x453c8d7f, fehlerhaftes Modul icuuc34.dll, Version 3.4.0.0, Zeitstempel 0x43f67acf,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0000eba3,  Prozess-ID 0x160c, Anwendungsstartzeit
 01cd847c2d63b175.
 
Error - 28.08.2012 05:39:15 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 29.08.2012 09:03:36 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 29.08.2012 09:27:28 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 29.08.2012 11:31:06 | Computer Name = Kessy | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 15.0.0.4619, Zeitstempel
 0x50382fcd, fehlerhaftes Modul xul.dll, Version 15.0.0.4619, Zeitstempel 0x50382f44,
 Ausnahmecode 0xc0000005, Fehleroffset 0x001bea47,  Prozess-ID 0x13d8, Anwendungsstartzeit
 01cd85ecc6964acb.
 
Error - 30.08.2012 04:10:20 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 30.08.2012 12:58:40 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 30.08.2012 14:19:57 | Computer Name = Kessy | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 15.0.0.4619 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
 das Problem zu suchen.  Prozess-ID: 25d8  Anfangszeit: 01cd86db9914554e  Zeitpunkt der
 Beendigung: 12
 
Error - 30.08.2012 17:06:47 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 31.08.2012 04:18:29 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 01.02.2009 07:11:54 | Computer Name = Kessy | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 01.02.2009 07:11:54 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 13:32:46 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 02.02.2009 15:21:13 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 03.02.2009 11:12:35 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 03.02.2009 16:11:26 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
 
< End of report >

Linya 31.08.2012 10:07
und dann noch das Ergebnis von CCleaner

Code:
7-Zip 4.65                05.06.2010        3,13MB       
Acer Arcade Deluxe        CyberLink Corp.        27.10.2008        83,0MB        2.0.5529
Acer Bio Protection

AAU 6.0.00.17                27.10.2008        183,2MB       
Acer Crystal Eye Webcam 2.0.8        SuYin        27.10.2008        2,95MB        2.0.8
Acer eAudio Management        CyberLink Corp.        27.10.2008        4,71MB        3.0.3008
Acer eDataSecurity Management        Egis Inc.        29.07.2008        69,3MB        3.0.3062
Acer Empowering Technology        Acer Incorporated        27.10.2008        147,8MB        3.0.3009
Acer ePower Management        Acer Incorporated        27.10.2008        9,84MB        3.0.3014
Acer eRecovery Management        Acer Incorporated        27.10.2008        27,6MB        3.0.3014
Acer eSettings Management        Acer Incorporated        29.07.2008        27,4MB        3.0.3007
Acer GameZone Console 2.0.1.1        Oberon Media, Inc.        29.07.2008        38,5MB       
Acer GridVista                27.10.2008        1,51MB        2.72.317
Acer Mobility Center Plug-In        Acer Inc.        29.07.2008        4,13MB        3.0.3000
Acer ScreenSaver        Acer Incorporated        27.10.2008                1.11.0701
Acer VCM        Acer Incorporated        27.10.2008        22,9MB        3.1.3000
Activation Assistant for the 2007 Microsoft Office suites        Microsoft Corporation        27.10.2008        14,0MB       
Adobe AIR        Adobe Systems Incorporated        06.06.2012        38,1MB        3.2.0.2070
Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen        Adobe Systems Incorporated        06.11.2009                1.0
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        28.08.2012                11.4.402.265
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        26.08.2012                11.4.402.265
Adobe Reader 9.4.0 - Deutsch        Adobe Systems Incorporated        17.10.2010        242,3MB        9.4.0
Adobe Shockwave Player 11.5        Adobe Systems, Inc.        17.10.2010        8,27MB        11.5.8.612
Agatha Christie Death on the Nile        Oberon Media        27.10.2008        160,8MB       
Akamai NetSession Interface        Akamai Technologies, Inc        21.06.2012        44,2MB       
Akamai NetSession Interface Service                26.10.2011        44,2MB       
Alice Greenfingers        Oberon Media        27.10.2008        13,3MB       
AnyDVD        SlySoft        25.07.2011        9,96MB        6.8.4.0
Apple Application Support        Apple Inc.        31.12.2010        52,8MB        1.4.1
Apple Software Update        Apple Inc.        23.03.2012        2,38MB        2.1.3.127
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver        Atheros Communications Inc.        29.07.2008        2,93MB        1.0.0.30
Autodesk 3ds Max 2011 32-Bit        Autodesk        01.01.2011        1.376,5MB        13.0
Autodesk Backburner 2008.1        Autodesk, Inc.        01.01.2011        12,5MB        2008.1.1
Autodesk FBX Plug-in 2011.1 - 3ds Max 2011        Autodesk        01.01.2011        38,9MB       
Autodesk Material Library 2011        Autodesk        01.01.2011        182,2MB        2.0.0.100
Avira Free Antivirus        Avira        11.03.2012        128,4MB        12.0.0.898
Azada        Oberon Media        27.10.2008        61,8MB       
Backspin Billiards        Oberon Media        27.10.2008        9,09MB       
Bamboo        Wacom Technology Corp.        29.04.2012        1,76MB        5.2.5-5
Bamboo Dock        Wacom Co., Ltd.        24.12.2011        200,5MB        4.0
Big Kahuna Reef        Oberon Media        27.10.2008        11,4MB       
Bing Bar        Microsoft Corporation        16.03.2012        0,51MB        7.1.364.0
Bricks of Egypt        Oberon Media        27.10.2008        6,73MB       
Cake Mania        Oberon Media        27.10.2008        17,5MB       
CamStudio                21.03.2009        161,5MB       
CANON iMAGE GATEWAY Task for ZoomBrowser EX                02.06.2010        41,0MB        1.3.1.5
Canon Internet Library for ZoomBrowser EX                02.06.2010        41,0MB        1.5.1.4
Canon RAW Codec        Canon Inc.        31.05.2010        30,8MB        1.7.0.56
Canon RAW Image Task for ZoomBrowser EX                02.06.2010        13,5MB        2.7.0.3
Canon Utilities Digital Photo Professional 3.1                02.06.2010        58,3MB        3.1.0.0
Canon Utilities EOS Utility                02.06.2010        31,7MB        2.1.0.1
Canon Utilities Original Data Security Tools                02.06.2010        5,87MB        1.1.0.0
Canon Utilities PhotoStitch                02.06.2010        6,14MB        3.1.19.43
Canon Utilities Picture Style Editor                02.06.2010        58,0MB        1.0.1.0
Canon Utilities WFT-E1/E2/E3 Utility                02.06.2010        2,26MB        3.1.0.7
Canon Utilities ZoomBrowser EX                02.06.2010        41,0MB        5.8.0.74
CCleaner        Piriform        05.03.2010        2,73MB        2.29
CEP - Color Enable Package        Numenor, for ModTheSims2        10.08.2010        0,68MB        6.0b (beta)
Chicken Invaders 3        Oberon Media        27.10.2008        53,4MB       
Chuzzle        Oberon Media        27.10.2008        10,3MB       
CloneDVD2        Elaborate Bytes        25.07.2011        8,85MB        2.9.3.0
ConvertHelper 2.2        DownloadHelper        15.11.2009        29,5MB       
CyberLink PhotoNow        CyberLink Corp.        16.09.2009        20,9MB        1.1.5615
CyberLink PowerDirector        CyberLink Corp.        16.09.2009        199,6MB        7.0.2905
DAEMON Tools Lite        DT Soft Ltd        24.07.2012        25,8MB        4.45.4.0314
Dark and Light        Farlan Entertainment Ltd        08.03.2009        1.337,2MB        1.0.14.01
DGS Portrait2                03.01.2011        12,7MB       
Die Sims - Tierisch gut drauf                03.04.2010        13,1MB       
Die Sims 2                12.04.2010        5.337,5MB       
Die Sims 2 HomeCrafter Plus                14.02.2011        12,7MB       
Die Sims 2: Nightlife                24.07.2012        1.286,6MB       
Die Sims 2: Wilde Campus-Jahre                12.04.2010        5.337,5MB       
Die Sims™ 2 Apartment-Leben        Electronic Arts        19.07.2010        8.015,1MB       
Die Sims™ 2 Freizeit-Spaß        Electronic Arts        06.02.2012        9.632,2MB       
Die Sims™ 2 Gute Reise        Electronic Arts        20.07.2012        12,7MB       
Die Sims™ 2 H&M®-Fashion-Accessoires                22.04.2010        8.015,1MB       
Die Sims™ 2 Haustiere                12.04.2010        5.337,5MB       
Die Sims™ 2 IKEA® Home-Accessoires        Electronic Arts        22.04.2010        8.015,1MB       
Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires        Electronic Arts        22.04.2010        8.015,1MB       
Die Sims™ 2 Party-Accessoires                06.02.2012        9.632,2MB       
Die Sims™ 2 Vier Jahreszeiten                12.04.2010        5.337,5MB       
Diner Dash Flo on the Go        Oberon Media        27.10.2008        17,2MB       
DivX Converter        DivX, Inc.        10.05.2010        45,3MB        7.1.0
DivX Plus DirectShow Filters        DivX, Inc.        10.05.2010        1,58MB       
DivX-Setup        DivX, LLC        29.02.2012        3,48MB        2.6.1.8
dm Fotowelt                06.12.2009        203,0MB       
dm-Fotowelt                17.02.2012        407,0MB       
Dropbox        Dropbox, Inc.        14.06.2012        26,2MB        1.4.7
EA Download Manager        Electronic Arts, Inc.        23.08.2009        7,99MB        5.0.0.288
EOS 20D WIA Driver                31.05.2010        1,25MB        6.0.0.4
ESET Online Scanner v3                31.03.2012        93,4MB       
eSobi v2        esobi Inc.        29.07.2008        17,0MB        2.0.3.000189
EVEREST Home Edition v2.20        Lavalys Inc        04.02.2009        6,58MB        2.20
Flamingo 1.1        Robert McNeel & Associates, 3670 Woodland Park Avenue North, Seattle, WA 98103 USA        19.01.2011        104,6MB        1.1 Release    20051111
Flamingo 1.1 for Rhino 4.0        Robert McNeel & Associates, 3670 Woodland Park Avenue North, Seattle, WA 98103 USA        19.01.2011        76,4MB        1.1.4 Release    2007-01-16
FoxyTunes for Firefox                03.04.2010               
Fraps (remove only)                28.03.2009        1,84MB       
Free Audio CD Burner version 1.4.7        DVDVideoSoft Limited.        12.04.2011        3,13MB       
Free FLV Converter V 6.98.0        Koyote Soft        22.06.2011        13,5MB        6.98.0.0
Free M4a to MP3 Converter 7.0        ManiacTools.com        14.10.2011        3,87MB       
Free YouTube to MP3 Converter version 3.10.14.1206        DVDVideoSoft Ltd.        21.12.2011        3,41MB       
Freez FLV to AVI/MPEG/WMV Converter        www.smallvideosoft.com        20.12.2011        9,94MB        1.6
GameWiz32        Nico Ebert        15.02.2009        1,64MB        1.43
Google Chrome        Google Inc.        01.09.2009        134,0MB        21.0.1180.83
Google Desktop        Google        13.06.2011        30,2MB        5.9.1005.12335
Google Earth        Google        18.11.2011        92,8MB        6.1.0.5001
Google Toolbar for Internet Explorer        Google Inc.        20.08.2012        34,9MB        7.4.3203.136
Google Updater        Google Inc.        20.09.2011        3,91MB        2.4.2432.1652
GUILD WARS                15.07.2010        858,5MB       
HDAUDIO Soft Data Fax Modem with SmartCP        Conexant Systems        29.07.2008        0,98MB        7.73.00.52
HijackThis 2.0.2        TrendMicro        21.11.2009        0,40MB        2.0.2
HP Customer Participation Program 13.0        HP        12.09.2010        280,5MB        13.0
HP Document Manager 2.0        HP        12.09.2010        3,29MB        2.0
HP Imaging Device Functions 13.0        HP        12.09.2010        3,36MB        13.0
HP Officejet 4500 G510a-f        HP        12.09.2010        33,4MB        13.0
HP Smart Web Printing 4.5        HP        12.09.2010        26,4MB        4.5
HP Solution Center 13.0        HP        12.09.2010        3,45MB        13.0
HP Update        Hewlett-Packard        26.12.2011        3,98MB        5.003.001.001
IcoFX 1.6.4                05.11.2011        3,75MB       
ICQ7.4        ICQ        10.04.2011        63,1MB        7.4
Id3Sort Version, 1.3.0.13                01.09.2010        1,59MB       
Intel® Matrix Storage Manager        Intel Corporation        27.10.2008        49,7MB       
InterVideo DVDCopy5        InterVideo Inc.        25.07.2011        96,9MB        5.5-B0.4
Java(TM) 6 Update 24        Sun Microsystems, Inc.        13.10.2009        97,7MB        6.0.240
Java(TM) 7 Update 5        Oracle        14.06.2012        99,3MB        7.0.50
JavaFX 2.1.1        Oracle Corporation        14.06.2012        20,9MB        2.1.1
Jewel Quest Solitaire        Oberon Media        27.10.2008        27,0MB       
Kick N Rush        Oberon Media        27.10.2008        43,3MB       
Launch Manager                27.10.2008        2,66MB       
Lexmark X1100 Series        Lexmark International, Inc.        25.04.2009        73,3MB       
LG PC Suite II        LG PC Suite        25.12.2010        204,3MB        2.00.0000
LG United Mobile Driver        LG Electronics        05.02.2011        5,99MB        2.2
Mahjong Escape Ancient China        Oberon Media        27.10.2008        13,6MB       
Mahjongg Artifacts        Oberon Media        27.10.2008        15,9MB       
Malwarebytes Anti-Malware Version 1.61.0.1400        Malwarebytes Corporation        29.08.2012        7,30MB        1.61.0.1400
Messenger Plus! 5        Yuna Software        04.08.2012        18,5MB        5.50.0.761
MessengerPlusLive Germany TB Toolbar        MessengerPlusLive Germany TB        06.08.2010        2,82MB        5.7.2.2
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        03.02.2009        37,0MB       
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        02.02.2009        37,0MB       
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        25.06.2010        120,3MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        25.06.2010        24,5MB        4.0.30319
Microsoft IntelliPoint 6.3        Microsoft        23.12.2009        21,4MB        6.31.258.0
Microsoft Office File Validation Add-In        Microsoft Corporation        14.09.2011        7,92MB        14.0.5130.5003
Microsoft Office Home and Student 2007        Microsoft Corporation        18.02.2012        298,1MB        12.0.6612.1000
Microsoft Office Live Add-in 1.5        Microsoft Corporation        29.05.2010        0,49MB        2.0.4024.1
Microsoft Silverlight        Microsoft Corporation        12.05.2012        23,8MB        4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        28.08.2011        1,74MB        3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        28.07.2009        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        16.06.2011        0,29MB        8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        28.07.2009        0,19MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        23.04.2011        0,58MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        15.02.2009        0,45MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        29.11.2010        0,23MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        26.08.2009        0,58MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        25.03.2010        0,58MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        16.06.2011        0,58MB        9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        12.03.2012        16,5MB        10.0.40219
Microsoft Visual C++ 8.0 Support DLLs        McNeel & Associates        26.03.2010        4,23MB        1.0.0
Microsoft Word 97                10.05.2009        22,8MB       
Microsoft Works        Microsoft Corporation        09.12.2009        282,6MB        08.05.0822
MoodTuner        GUGA EOOD        24.12.2011        6,30MB        1.1
Mozilla Firefox 15.0 (x86 de)        Mozilla        28.08.2012        70,4MB        15.0
Mozilla Firefox 4.0.1 (x86 de)        Mozilla        30.04.2011        30,1MB        4.0.1
Mozilla Maintenance Service        Mozilla        28.08.2012        0,20MB        15.0
Mp3tag v2.49        Florian Heidenreich        28.10.2011        6,91MB        v2.49
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        26.01.2009        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        25.11.2009        1,34MB        4.20.9876.0
MSXML 4.0 SP2 Parser and SDK        Microsoft Corporation        08.03.2009        36,00KB        4.20.9818.0
MusicBrainz Picard        MusicBrainz        28.10.2011        33,1MB        0.16
MyDefrag v4.3.1        J.C. Kessels        24.06.2011        3,28MB        4.0.0.0
myGamersCam 1.2        Frogster Online Gaming GmbH        27.02.2009        2,07MB        1.2
Mystery Case Files - Huntsville        Oberon Media        27.10.2008        24,4MB       
Mystery Solitaire - Secret Island        Oberon Media        27.10.2008        19,9MB       
NTI Backup Now 5        NewTech Infosystems        29.07.2008        28,6MB        5.1.2.606
NTI Media Maker 8        NewTech Infosystems        29.07.2008        187,0MB        8.0.2.6329
NVIDIA Drivers                18.08.2009               
Nvu 1.0        Thorsten Fritz        12.08.2011        22,0MB        1.0
OCR Software by I.R.I.S. 13.0        HP        12.09.2010        3,29MB        13.0
OpenOffice.org 3.1        OpenOffice.org        13.10.2009        371,1MB        3.1.9420
Orion        Convesoft        29.07.2008        12,2MB        2.0.1
PC Inspector File Recovery                04.07.2010        5,93MB        4.0
Probeversion von World of Warcraft        Blizzard Entertainment        18.07.2010        1,18MB       
QuickTime        Apple Inc.        31.12.2010        73,7MB        7.69.80.9
Ramsete 2.70                01.01.2011        14,7MB       
Ramsete III                03.01.2011               
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        29.07.2008        21,6MB        6.0.1.5618
Realtek USB 2.0 Card Reader        Realtek Semiconductor Corp.        29.07.2008        2,97MB       
Rhino RDK                19.01.2011               
Rhinoceros 3.0        Robert McNeel & Associates, 3670 Woodland Park Avenue North, Seattle, WA 98103 USA        19.01.2011        252,0MB        3.0 Release
Rhinoceros 4.0        McNeel & Associates        19.01.2011        238,3MB        4.0.20206
Rhinoceros 4.0 SR3        McNeel & Associates        19.01.2011        89,0MB        4.0.30222
Rhinoceros 4.0 SR4        Robert McNeel & Associates        19.01.2011        89,0MB        4.0.30807
Rhinoceros 4.0 SR4b        Robert McNeel & Associates        19.01.2011        89,0MB        4.0.30827
RocketDock 1.3.5        Punk Software        19.03.2010        12,0MB       
Shop for HP Supplies        HP        12.09.2010        280,5MB        13.0
SPBA 5.8        UPEK Inc.        27.10.2008        20,1MB        5.8.2.4218
Spelling Dictionaries Support For Adobe Reader 8        Adobe Systems        29.08.2009        32,5MB        8.0.0
SPORE™ Labor Basisversion        Electronic Arts        22.08.2009        179,6MB        1.00.0000
STOIK Video Converter 2        STOIK Imaging        03.02.2010        3,16MB        2.1.0.0
Surf & E-Mail-Stick        Huawei Technologies Co.,Ltd        27.09.2011        64,4MB        16.001.06.02.35
Synaptics Pointing Device Driver        Synaptics        29.07.2008        14,4MB        11.1.4.0
T-Splines for Rhino        T-Splines Inc        19.01.2011        2,48MB        1.2
Tablett        Ihr Firmenname        14.08.2009                4.72.0000
TeamSpeak 2 RC2        Dominating Bytes Design        27.01.2009                2.0.32.60
TeamSpeak 3 Client        TeamSpeak Systems GmbH        16.04.2010        35,4MB       
Tomb Raider: Anniversary Demo 1.0                05.05.2011        400,2MB       
TransType Pro        FontLab        08.12.2009        10,1MB        3.0
Turbo Pizza        Oberon Media        27.10.2008        175,4MB       
Uninstall 1.0.0.1                12.04.2011        30,8MB       
V-Ray for Rhinoceros        ASGvis, LLC        19.01.2011        28,1MB        01.01.71
WebTablet FB Plugin        Wacom Technology Corp.        24.12.2011                2.0.0.1
WebTablet IE Plugin        Wacom Technology Corp.        24.12.2011                1.1.0.12
WebTablet Netscape Plugin        Wacom Technology Corp.        24.12.2011        3,01MB        1.1.0.10
WIDCOMM Bluetooth Software 6.0.1.6400        Broadcom Corporation        27.10.2008        35,5MB        6.0.1.6400
Winamp        Nullsoft, Inc        25.12.2010        27,0MB        5.601
Winbond CIR Device Drivers        Winbond Electronics Corporation        29.07.2008        2,25MB        7.60.1012
Windows Live Essentials        Microsoft Corporation        29.07.2008                15.4.3555.0308
Windows Live Mesh ActiveX control for remote connections        Microsoft Corporation        12.02.2011        5,58MB        15.4.5722.2
Windows Live Sync        Microsoft Corporation        01.10.2009        2,79MB        14.0.8089.726
Windows Media Player Firefox Plugin        Microsoft Corp        03.04.2009        0,29MB        1.0.0.8
WinRAR                10.08.2010        3,21MB       
Wisdom-soft Set up ASR 3.1 Pro        Wisdom Software Inc.        20.12.2011        8,40MB       
YP-U1                16.06.2012        5,80MB       
Zoo Tycoon-Erweiterungen                08.05.2011        492,9MB       
Zuma Deluxe        Oberon Media        27.10.2008        11,2MB       
µTorrent                23.07.2012        0,86MB        3.2.0

kira 01.09.2012 00:43
Systemreinigung und Prüfung:

damit ich weiß, welche Änderungen Du vorgenommen hast:
Zitat:
► Berichte mir kurz über alle Umsetzungsschritte (zu jedem Punkt), die Du erledigt hast!
► Wenn Du nun alle Schritte erledigt hast, melde dich mit die gewünschten Ergebnisse zurück!
Nur bei Probleme inzwischen melden!

1.
Windows Defender:
Parallel zu ein AV-Programm nicht Empfehlenswert aktiv laufen lassen, weil dadurch können sich in die Quere kommen. Bitte dich ihn so zu deaktivieren: -> Aktivieren und Deaktivieren von Windows Defender
Windows Defender komplett deaktivieren

Start => Systemsteuerung => Klassische Ansicht => Windows Defender oder
Windows Defender starten (C:\Programme\Windows Defender\MSASCui.exe)

Extras => Optionen => Automatische Überprüfung => Haken bei "Computer automatisch überprüfen" entfernen.
Extras => Optionen => Echtzeitschutz => Haken bei "Echtzeitschutz aktivieren" entfernen.
Extras => Optionen => Administrator => Haken bei "Dieses Programm verwenden" entfernen.

Start => services.msc ins Suchfeld eingeben.
Es öffnet sich das Fenster der Dienste
Doppelklick auf den Dienst "Windows Defender"
Starttyp auf "Manuell" umstellen.
Dienststatus beenden, falls der Dienst noch gestartet ist.
► Nach einem Neustart (falls noch existirt) unter "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart kontrolliere, ob mitläuft?! - ggf Häckhen rausnehmen
► Unter Dienste:
Start -> Ausführen -> "Services.msc" -> (reinschreiben ohne ""-> OK" - "Eigenschaften"-> "Stop" -> Starttyp "Deaktiviert" auswählen

2.
Code:
Messenger Plus! Live
MessengerPlusLive Germany TB Toolbar:
Zur Kategorie des Unsicheren gehört! Hast Du während der Installation der von Programm "zusätzlich" angebotenen Software abgewählt (etwa wie Sponsorprogramm etc)? Nämlich da neben der eigentlichen Software auch Adware -Programm wird (mit)installiert
Wenn du unbedingt möchtest (nicht empfohlen, da es absolut nicht nötig ist und dein MSN davon nicht betroffen), kannst du nochmal installieren, aber alles genau durchlesen, und Partnerprogrammen, Sponsoren etc möglichst abwählen![/b][/size][/quote]
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
es ist besser ein Spy- und Adware freies Messenger Tool einzusetzen - wie Trillian,kann man in der Basisversion von Trillian die Instant Messenger ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) und IRC vereinen) oder Miranda ),kannst du nochmal installieren,aber alles genau durchlesen, und Partnerprogrammen,Sponsoren etc musst du abwählen!

3.
Zur Info:
AnyDVD <- "Hacker-Tools"

4.
ALTE VERSION!!!:
Code:
Logfile of HijackThis 2.0.2
Die neue Version gibt es hier:
also lösche/deinstalliere HijackThis "2.0.2." und lade Dir erneut von hier HijackThis v2.0.4 herunter

5.
kann deinstalliert werden:
Code:
Bing Bar
Immer mehr Programme bringen eine Toolbar mit.(wie z.B. Google, Yaho,Messenger, Winamp, ICQ usw). Manche Zustimmung der User installiert, manche wieder ohne Wissen des Benutzers;) Viele davon sehr fehleranfällig und fressen eine Menge an Systemressourcen. Zur funktionstüchtigen Installation der jeweiligen Software ist Toolbar aber nicht notwendig, zudem die meisten modernen Browser mit vielen zusätzlichen Funktionen ausgestattet sind. Ausserdem die dazugehörigen Programme, funktionieren auch ohne...

6.
Hast Du absichtlich die IP so als Proxy eingestellt?
Code:
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
Wenn ja, warum? Wenn nein:
wenn du keinen Proxyserver lokal installiert hast, nimm die Proxyeinstellungen aus den Interneteinstellungen raus
im Internet Explorer:
Extras => Internetoptionen => Verbindungen => Lan-Einstellungen
Haken bei Proxyserver für LAN verwenden und Proxyserver für lokale Adressen umgehen entfernen.

7.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript also - nach dem "Code", alles was in der Codebox steht - (also beginnend mit :OTL und am Ende [emptytemp]), alles was in der Codebox steht (ohne "code"!) :
Code:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=XxWLx4A74_tnGbmr9JOO-sxy-7c?q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
[2010.01.20 12:19:10 | 000,000,923 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\searchplugins\conduit.xml
O4 - HKLM..\Run: []  File not found
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{53bd4665-10de-11e0-9874-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{53bd4665-10de-11e0-9874-00238b1c35d8}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe
O33 - MountPoints2\{669f3535-356b-11e1-8007-002269ddee37}\Shell - "" = AutoRun
O33 - MountPoints2\{669f3535-356b-11e1-8007-002269ddee37}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{669f3536-356b-11e1-8007-002269ddee37}\Shell - "" = AutoRun
O33 - MountPoints2\{669f3536-356b-11e1-8007-002269ddee37}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
[2012.08.31 10:27:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.31 10:17:28 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
@Alternate Data Stream - 353 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:2B99FE60

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

8.
Adobe Reader aktualisieren :
- Während der Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus")
Adobe Reader
Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

9.
Alle Programme/Fenster schliessen
Java-Cache leeren

Start => Systemsteuerung => Java => Allgemein => Temporäre Internet-Dateien "Einstellungen" => Dateien löschen => Haken bei "Anwendungen und Applets" sowie bei "Verfolgungs- und Protokolldateien" setzen => OK
-> Wie leere ich den Java-Cache?
-> Java-Cache leeren
-> Kurze Videoanleitung wie man unter Windows 7 und XP den JAVA Cache löschen kann.

10.
Java :
Ältere Versionen falls noch existieren, deinstallieren
► Die alte Java-Versionen verbleiben auf dem PC...aus Sicherheitsgründen müssen entfernt werden,auch in Zukunft darauf achten!
Java(TM) 6 Update 24

11.
Tipps - Der Internet Explorer von Microsoft gehört zur Grundausstattung unter Windows, somit wie alle andere installierte Software muss gepflegt werden! Auch bei Nicht-Verwendung!:
-> Tipps zu Internet Explorer
-> Standard Suchmaschine des Explorers ändern
-> Ändern oder Auswählen eines Suchanbieters in Internet Explorer 7/8
-> Wie kann ich den Cache im Internet Explorer leeren?

12.
Alle Programme/Fenster schliessen
reinige dein System mit CCleaner:
  • "CCleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

13.
Vorbereitung
  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während der Online-Scans deaktivieren:
    Anti-Virus-Programm und Firewall.
  • Internet Explorer starten => im Menü unter Extras => Internetoption => Datenschutz => den Haken bei "Popupblocker einschalten" entfernen und
  • unter dem Reiter "Sicherheit" => die Sicherheitsstufe ggfs. auf "Mittelhoch" herabsetzen.
    Nicht vergessen, sie hinterher wieder einzuschalten bzw. die Internetoptionen wie zuvor einzustellen..
  • Während der Online-Scans auf andere Online-Aktivitäten verzichten.
  • Du musst das Herunterladen und Installieren von ActiveX-Steuerelementen (Controls) zulassen.

  • http://image.hijackthis.eu/upload/activex1.jpg
    .

Den PC NUR online scannen und NICHT ein zweites Antivirenprogramm installieren!!!
  • Eset Online Scanner (NOD32)
    • Unterstützte Betriebssysteme: Microsoft Windows 7 - Vista - XP - 2000 - NT.
    • Anmerkung für Vista und Windows 7-User: Bitte den Browser unbedingt als Administrator starten.
    • Dein Anti-Virus-Programm während des Scans deaktivieren.
    • Button "ESET Online Scanner" drücken.
    • IE-User müssen das Installieren eines ActiveX Elements erlauben.
    • Einen Haken bei "YES, I accept the Terms of Use." machen und auf den Button "Start" drücken.
    • Einen Haken bei "Remove found threads" und "Scan archives" machen.
    • Start drücken.
    • Signaturen werden heruntergeladen.
    • Der Scan beginnt automatisch.
    • Wenn fertig, das Protokoll speichern und mir posten.
      -> List of found threats
      -> Export to text file
      -> Back
      -> Delete quarantäne files
    • Finish drücken.
    • Browser schließen.
    • Deinstallation nachdem das Protokoll mir gepostet hast: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
    • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

14.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

Linya 01.09.2012 16:25
Hallo,

Vielen Dank!

1. Windows defender wurde deaktiviert und alle Schritte wie beschrieben durchgeführt. Soll er jetzt immer aus bleiben?

2. + 3. Programme wurden nicht gebraucht und deinstalliert

4. alte Version (hijack This) wurde deinstalliert und neue installiert

5. BingBar wurde deinstalliert

6. Proxyeinstellungen wurden wie beschrieben geändert

7. Fixen mit OTL
Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{76aeea42-e04a-4b62-83ab-df4b2be2541e} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\ not found.
File C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{76aeea42-e04a-4b62-83ab-df4b2be2541e} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\ not found.
File C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14\ deleted successfully.
C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll not found.
C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\searchplugins\conduit.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53bd4665-10de-11e0-9874-00238b1c35d8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53bd4665-10de-11e0-9874-00238b1c35d8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53bd4665-10de-11e0-9874-00238b1c35d8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53bd4665-10de-11e0-9874-00238b1c35d8}\ not found.
File E:\USBAutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{669f3535-356b-11e1-8007-002269ddee37}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{669f3535-356b-11e1-8007-002269ddee37}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{669f3535-356b-11e1-8007-002269ddee37}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{669f3535-356b-11e1-8007-002269ddee37}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{669f3536-356b-11e1-8007-002269ddee37}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{669f3536-356b-11e1-8007-002269ddee37}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{669f3536-356b-11e1-8007-002269ddee37}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{669f3536-356b-11e1-8007-002269ddee37}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{693eb072-ec7a-11e0-a3df-00238b1c35d8}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{693eb074-ec7a-11e0-a3df-00238b1c35d8}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae2ac478-e9a6-11e0-9f40-00238b1c35d8}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae2ac47b-e9a6-11e0-9f40-00238b1c35d8}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\AutoRun.exe not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
ADS C:\ProgramData\Temp:05EE1EEF deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:4F636E25 deleted successfully.
ADS C:\ProgramData\Temp:2B99FE60 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Jenny\Desktop\cmd.bat deleted successfully.
C:\Users\Jenny\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56507 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Jenny
->Temp folder emptied: 29831382 bytes
->Temporary Internet Files folder emptied: 24745023 bytes
->Java cache emptied: 40546471 bytes
->FireFox cache emptied: 61017309 bytes
->Google Chrome cache emptied: 277083573 bytes
->Flash cache emptied: 2009536 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8945118 bytes
RecycleBin emptied: 44516455 bytes
 
Total Files Cleaned = 466,00 mb
 
 
OTL by OldTimer - Version 3.2.59.1 log created on 09012012_115420

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
8. Adobe reader wurde aktualisiert

9. Java Cache wurde geleert. Allerdings habe ich keine "Verfolgungs und Protokolldateien" Option gesehen

10. Java6update24 wurde entfernt

11. explorer cache geleert

12. System wie beschrieben mit CCleaner gereinigt und neu gestartet

13. Externe Festplatte angeschlossen und Sicherheitseinstellungen geändert
anschließend onlineScan mit Eset. Ich konnte nach dem Scan das Protokoll nicht finden! Hier ein Screenshot hxxp://s1.directupload.net/images/120901/jps6mfhm.jpg Bin mir nicht sicher ob ich etwas falsch gemacht habe, oder ob keins vorhanden ist, da nichts gefunden wurde. Habe Eset deshalb noch nicht deinstalliert.

Sicherheitseinstellungen wurden nach Scan wieder geändert.

14. Logfiles OTL

Code:
OTL logfile created on: 01.09.2012 16:59:44 - Run 2
OTL by OldTimer - Version 3.2.59.1    Folder = c:\Users\Jenny\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 37,26% Memory free
6,19 Gb Paging File | 3,98 Gb Available in Paging File | 64,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 49,36 Gb Free Space | 34,27% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 15,24 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive I: | 465,76 Gb Total Space | 236,58 Gb Free Space | 50,79% Space Free | Partition Type: NTFS
 
Computer Name: XXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.01 11:58:12 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Jenny\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2012.08.31 10:27:08 | 000,598,528 | ---- | M] (OldTimer Tools) -- c:\Users\Jenny\Desktop\OTL.exe
PRC - [2012.08.25 03:59:03 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Jenny\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.16 18:22:21 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012.06.28 13:40:41 | 000,638,048 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2012.03.08 18:50:28 | 004,280,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2012.01.31 09:56:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.31 09:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.27 05:45:40 | 000,646,232 | ---- | M] () -- C:\Programme\Bamboo Dock\BambooCore.exe
PRC - [2011.09.08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe
PRC - [2011.09.08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_TouchUser.exe
PRC - [2011.09.08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_TabletUser.exe
PRC - [2011.09.08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.02 16:55:28 | 001,045,256 | ---- | M] (Acresso Software Inc.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010.04.01 11:02:42 | 000,086,016 | ---- | M] () -- C:\Programme\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2009.09.04 12:26:19 | 000,446,976 | ---- | M] () -- C:\Programme\DGS\dgsnetd.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.01.07 21:46:56 | 001,468,296 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2008.10.28 14:30:27 | 003,520,512 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2008.10.28 14:30:19 | 003,602,432 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe
PRC - [2008.08.01 10:51:42 | 000,405,504 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.07.24 16:54:18 | 000,167,936 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008.07.24 16:54:10 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008.07.20 11:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.07.20 11:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.07.18 17:04:36 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008.06.04 14:03:36 | 000,817,672 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\QtZgAcer.EXE
PRC - [2008.06.02 10:26:22 | 000,319,488 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008.06.02 10:25:40 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.05.30 12:24:30 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.05.14 17:05:22 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.05.07 10:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.23 12:22:38 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.04.23 12:22:38 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.03.25 16:25:06 | 000,050,952 | ---- | M] (UPEK Inc.) -- C:\Programme\Common Files\SPBA\upeksvr.exe
PRC - [2008.02.19 09:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
PRC - [2008.01.21 04:25:32 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2008.01.21 04:24:44 | 002,585,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
PRC - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.01.10 18:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer VCM\RS_Service.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- D:\Programme\RocketDock\RocketDock.exe
PRC - [2007.04.03 07:09:18 | 044,814,336 | ---- | M] (Adobe Systems, Incorporated) -- D:\Programme\CS3\Adobe Photoshop CS3\Photoshop.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.25 03:59:17 | 002,242,528 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.15 10:53:01 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
MOD - [2012.06.15 10:50:42 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.15 10:50:32 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.05.14 11:15:33 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012.05.14 11:13:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.14 10:37:23 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.14 10:35:28 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.14 10:35:15 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2011.09.27 05:45:40 | 000,646,232 | ---- | M] () -- C:\Programme\Bamboo Dock\BambooCore.exe
MOD - [2011.09.08 17:48:36 | 000,962,936 | ---- | M] () -- C:\Programme\Tablet\Pen\libxml2.dll
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.09.04 12:26:19 | 000,446,976 | ---- | M] () -- C:\Programme\DGS\dgsnetd.exe
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.12.31 06:31:25 | 000,034,088 | R--- | M] () -- C:\Programme\Cyberlink\Shared files\richvideops.dll
MOD - [2008.10.28 14:17:21 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3009.0__739b31b1908c49e5\Framework.UIComponent.dll
MOD - [2008.10.28 14:17:21 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008.10.28 14:17:21 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008.10.28 14:17:21 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll
MOD - [2008.10.28 14:17:21 | 000,009,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008.10.28 14:17:21 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
MOD - [2008.07.24 16:54:20 | 000,757,760 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.07.24 16:54:16 | 000,007,680 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008.06.11 10:21:46 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008.06.02 10:26:22 | 000,319,488 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe
MOD - [2008.06.02 10:25:36 | 000,013,824 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Framework.Presenter.dll
MOD - [2008.06.02 10:25:02 | 000,005,120 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\de\Framework.AppBar.resources.dll
MOD - [2008.06.02 10:25:00 | 001,822,720 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Framework.AppBar.dll
MOD - [2008.05.30 12:25:12 | 000,028,672 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\eAudio\eAudioMenuPlugin.dll
MOD - [2008.05.26 14:39:26 | 000,020,480 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll
MOD - [2008.05.14 17:05:10 | 000,227,888 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- D:\Programme\RocketDock\RocketDock.exe
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- D:\Programme\RocketDock\RocketDock.dll
MOD - [2007.04.03 07:10:00 | 002,342,912 | ---- | M] () -- D:\Programme\CS3\Adobe Photoshop CS3\Photoshop.dll
MOD - [2007.04.03 07:09:18 | 000,049,152 | ---- | M] () -- D:\Programme\CS3\Adobe Photoshop CS3\QuickTimeGlue.dll
MOD - [2007.04.03 07:09:14 | 000,393,216 | ---- | M] () -- D:\Programme\CS3\Adobe Photoshop CS3\AdobeXMP.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.08.30 21:57:58 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.08.25 03:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011.09.08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011.09.08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.22 17:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.02 16:55:28 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.04.01 11:02:42 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Programme\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2009.09.04 12:26:19 | 000,446,976 | ---- | M] () [Auto | Running] -- C:\Programme\DGS\dgsnetd.exe -- (DGSnetd)
SRV - [2008.10.28 14:30:19 | 003,602,432 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008.07.20 11:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.06.02 10:25:40 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.02.19 09:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.01.10 18:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.03.20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\WacomVKHid.sys -- (WacomVKHid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Spiele\setups\MastelaRO Full Client\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.07.25 11:23:41 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.01.31 09:56:33 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.01.31 09:56:33 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.08 18:49:24 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010.10.21 10:45:18 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.10.21 10:45:16 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.10.21 10:45:16 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.09.27 17:42:16 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\akshasp.sys -- (akshasp)
DRV - [2010.09.27 17:42:14 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2010.09.27 17:42:14 | 000,016,384 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aksusb.sys -- (aksusb)
DRV - [2010.05.12 13:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2009.12.07 19:53:18 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.12.20 02:08:28 | 000,030,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2008.10.28 14:30:15 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008.10.06 11:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.07.18 18:23:00 | 007,545,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.07.18 17:05:10 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.06.25 07:05:06 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.05.19 18:23:00 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008.05.05 03:05:00 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.01.16 19:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007.10.19 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.03.28 07:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007.02.16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.01.26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2005.11.16 16:42:48 | 000,045,056 | ---- | M] (InterVideo) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iviVD.sys -- (iviVD)
DRV - [2001.04.09 20:45:00 | 000,008,138 | ---- | M] (Wacom Technology Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\penclass.sys -- (PenClass)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44079
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.13 17:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.01 18:42:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.29 15:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.01 12:12:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\version4\components [2011.06.14 17:04:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\version4\plugins [2012.09.01 12:12:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.13 17:41:53 | 000,000,000 | ---D | M]
 
[2009.01.27 22:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Extensions
[2012.08.31 23:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions
[2010.04.30 22:55:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.08.31 23:38:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.07.20 21:43:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.29 21:42:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.08.19 21:09:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(147)
[2010.08.19 21:09:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(148)
[2012.04.08 10:11:02 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com
[2011.02.17 00:34:07 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\tineye@ideeinc.com
[2012.08.28 21:44:50 | 000,001,056 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\searchplugins\icqplugin.xml
[2012.08.29 15:46:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.05.01 00:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\version4\extensions
[2011.05.01 00:11:48 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\version4\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.08.31 23:21:26 | 000,527,328 | ---- | M] () (No name found) -- C:\USERS\JENNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\743HBU9Z.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011.10.29 21:09:53 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\JENNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\743HBU9Z.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012.08.25 04:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin:  (Enabled) = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Foxkeh Theme = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdfmcddmngjdmjmhhpcnbnmnkdhpjhef\0.0.5_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [BambooCore] C:\Programme\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartDGSnetd] C:\Programme\DGS\dgsnetd.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jenny\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [RocketDock] D:\Programme\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Local security authentication server.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: An vorhandenes PDF anfügen - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\icq\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\icq\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox - No CLSID value found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.02 22:51:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk I:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.01 12:06:25 | 051,769,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Jenny\Desktop\AdbeRdr1014_de_DE.exe
[2012.09.01 11:54:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.01 11:43:46 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.09.01 11:08:36 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B128F32D-7D48-4D9A-80C0-977CA7D2C7C0}
[2012.08.31 23:04:28 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{A36FFF7C-69B7-439D-B515-AF947C1E9647}
[2012.08.31 10:27:05 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jenny\Desktop\OTL.exe
[2012.08.31 10:22:05 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E375D325-143A-43A7-A519-61A1C9D500B4}
[2012.08.30 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FC05CAF2-DDD5-4271-B1F1-ABAEE7AEF83A}
[2012.08.30 13:35:32 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\Profiles
[2012.08.30 13:08:30 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\743hbu9z.default
[2012.08.30 10:21:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{75513B9D-D703-4963-86DD-443587B5B92D}
[2012.08.29 15:12:23 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{628E1020-0280-4559-822A-56639F0EC5A1}
[2012.08.28 11:42:12 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{A301DAB2-8D8F-4C17-83DE-F1B635D1426D}
[2012.08.27 18:08:15 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{56ECC2C0-F7FD-4E7D-8129-C97D628F6822}
[2012.08.26 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\Neuer Ordner
[2012.08.26 09:17:46 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{F60A620D-CBA8-45CB-818D-3889C6594C09}
[2012.08.25 13:28:04 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1E19FFD3-EF94-40D9-9A1D-12F15A50D8DE}
[2012.08.24 16:47:47 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FC6CED50-E4BE-42D3-B2BD-473B94E3170F}
[2012.08.23 22:51:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{4A4EB1BB-6349-4C66-A3AE-D0BD2F5B4993}
[2012.08.23 10:50:50 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{28FB832A-91CD-48EE-BCF9-8850A31DCF5E}
[2012.08.22 10:15:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{8E8C1E43-278D-43D2-81F2-1B25559C3B0F}
[2012.08.21 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{C4F497D5-AEDD-4AE5-A7C3-4AD7CCC35962}
[2012.08.20 22:52:24 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{DDD14536-F76F-4A3F-966A-DA1B4EB7897B}
[2012.08.20 11:07:46 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.20 11:01:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.20 11:01:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.20 11:01:30 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.20 11:01:30 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.08.20 11:01:30 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.08.20 11:01:29 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.08.20 11:01:29 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.08.20 11:01:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.08.20 11:01:29 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.20 11:01:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.08.20 11:01:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.08.20 11:01:29 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.08.20 11:01:29 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.08.20 11:01:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.08.20 11:01:28 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.20 11:01:28 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.08.20 11:01:28 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.20 11:01:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.08.20 10:52:08 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{33541514-8C76-43D3-A30E-94E8599DC555}
[2012.08.19 19:55:45 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{D727D75B-CA0D-457B-B127-6205A6E544F1}
[2012.08.18 20:46:19 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E68A5A6B-232B-4959-9392-2C2D01D5C5B3}
[2012.08.18 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1ACEAB98-F114-4743-8BA5-6E718CF7F6E0}
[2012.08.17 16:08:34 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{C9D6317B-E179-4DE7-9F60-6FB1A50194E9}
[2012.08.17 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{3E260075-0AC8-411B-8760-2375BC11689B}
[2012.08.16 21:58:17 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{10C3ABE8-0035-4D27-A8C1-0A843606DA31}
[2012.08.16 09:58:00 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{985ABF91-167C-445D-A4DE-E0AB14E9BADD}
[2012.08.16 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{22783D17-7C37-48F8-9B8A-A38FE8D92C1B}
[2012.08.15 18:14:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{9CBD5DCB-6D5F-4055-B4EA-E516E0CC44E8}
[2012.08.15 18:14:28 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{4AC2238A-A41B-4200-B0EF-6113ACCE1FC8}
[2012.08.14 14:24:59 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{9A770879-7A13-4685-9686-525AD1987F36}
[2012.08.14 14:24:55 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{DC85DFCC-0DE1-46EE-96FB-80E1E1D05918}
[2012.08.13 19:48:51 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{8C606F86-FB55-48C5-9AF4-5A60423F5F4E}
[2012.08.13 19:48:47 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{EAB836C9-5D9D-42DB-AE85-EA2192E82A99}
[2012.08.13 07:48:21 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1CA72312-D287-4210-B24F-1EDA7AEB2FBB}
[2012.08.13 07:48:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{ED896EE9-A3AC-43A7-9BE5-FE93E2A2BA25}
[2012.08.12 12:49:36 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{D89DCEFA-1351-4F58-97AE-0203DC3CA376}
[2012.08.12 12:49:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{EF1C9239-4DD0-4B34-B9A2-C00972C16096}
[2012.08.11 14:49:06 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E9C74C1F-03D7-4543-A0D7-5F43F4927DF9}
[2012.08.11 14:49:03 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1779E30E-C28C-4838-9B86-46435243D126}
[2012.08.10 17:38:15 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B485E729-89A1-40EC-9D5C-C5BADD87FB24}
[2012.08.10 17:38:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{04C0137A-5BF1-4326-BE44-3EA97C5A9687}
[2012.08.09 16:13:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{F08F020C-1F6B-4277-B913-4FEFD912DC1C}
[2012.08.09 16:13:21 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{6538CCE4-5C76-40DB-903C-6F3198ADAB30}
[2012.08.08 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{7A260BEF-FD13-4865-9AA9-C80617C7FF34}
[2012.08.08 16:38:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{58C146BD-AA54-4F15-A340-AC69371FBA87}
[2012.08.07 21:32:48 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.08.07 16:47:09 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{5B2D35CB-0C5A-4952-BE52-5E175C01E43F}
[2012.08.07 16:47:05 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{80C55C10-E0C6-4A1F-9CFD-E19C5B3DCDCF}
[2012.08.06 13:06:59 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E5ACFDF6-FF99-4258-8BD0-016094979E28}
[2012.08.06 13:06:54 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FF6E6317-2E4F-4C1B-8D56-9903781CFCD8}
[2012.08.05 15:26:55 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B851BA96-7EB4-4B17-ACE7-095C724C37B1}
[2012.08.05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1953354E-6BF2-46E0-BB62-746703108C7A}
[2012.08.04 14:42:30 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{7973F559-9879-4849-B7E7-21419DE51407}
[2012.08.04 14:42:26 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{7EFAF018-B6CA-4247-9F06-DD0782B400A5}
[2012.08.03 17:43:57 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{70391954-D52A-4C11-BBD8-4F0E84912D73}
[2012.08.03 17:43:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{3F54C839-2DA8-4CDA-AD9A-1403FF39BF45}
[1 C:\Users\Jenny\Documents\*.tmp files -> C:\Users\Jenny\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.01 16:50:07 | 000,339,744 | ---- | M] () -- C:\Users\Jenny\Desktop\eset.jpg
[2012.09.01 16:42:43 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.01 16:42:43 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.01 14:16:09 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.09.01 12:47:30 | 000,628,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.01 12:47:30 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.01 12:47:30 | 000,126,704 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.01 12:47:30 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.01 12:38:17 | 000,069,885 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.09.01 12:37:51 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.09.01 12:37:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.01 12:36:54 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.01 12:35:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.09.01 12:34:30 | 000,008,806 | ---- | M] () -- C:\Users\Jenny\Desktop\cc_20120901_123348.reg
[2012.09.01 12:13:00 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.09.01 12:08:56 | 051,769,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Jenny\Desktop\AdbeRdr1014_de_DE.exe
[2012.09.01 11:43:46 | 000,001,954 | ---- | M] () -- C:\Users\Jenny\Desktop\HiJackThis.lnk
[2012.09.01 11:41:15 | 001,402,880 | ---- | M] () -- C:\Users\Jenny\Desktop\HiJackThis.msi
[2012.08.31 10:27:08 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny\Desktop\OTL.exe
[2012.08.30 23:57:10 | 000,511,265 | ---- | M] () -- C:\Users\Jenny\Desktop\adwcleaner.exe
[2012.08.30 19:48:51 | 000,908,794 | ---- | M] () -- C:\Users\Jenny\Desktop\firefox.jpg
[2012.08.30 19:48:30 | 000,963,676 | ---- | M] () -- C:\Users\Jenny\Desktop\chrome.jpg
[2012.08.30 19:40:07 | 000,000,688 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.30 18:50:35 | 000,004,165 | ---- | M] () -- C:\Users\Jenny\Desktop\fox.gif
[2012.08.30 18:46:29 | 000,004,165 | ---- | M] () -- C:\Users\Jenny\Desktop\pyong_raposa_fox-05.gif
[2012.08.30 14:09:14 | 000,267,596 | ---- | M] () -- C:\Users\Jenny\Desktop\java.jpg
[2012.08.30 14:03:29 | 000,314,008 | ---- | M] () -- C:\Users\Jenny\Desktop\bookmarks.html
[2012.08.30 13:09:57 | 000,121,230 | ---- | M] () -- C:\Users\Jenny\Desktop\bookmarks-2012-08-30.json
[2012.08.29 19:03:09 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.29 19:03:09 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.27 00:08:03 | 000,069,885 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.08.26 22:09:36 | 000,220,160 | ---- | M] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.23 17:00:27 | 000,000,680 | ---- | M] () -- C:\Users\Jenny\AppData\Local\d3d9caps.dat
[2012.08.21 15:16:29 | 002,543,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.13 10:08:36 | 000,007,962 | ---- | M] () -- C:\cc_20120813_100832.reg
[2012.08.13 09:57:34 | 000,002,299 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\acervcmtmp.ini
[1 C:\Users\Jenny\Documents\*.tmp files -> C:\Users\Jenny\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.01 16:48:50 | 000,339,744 | ---- | C] () -- C:\Users\Jenny\Desktop\eset.jpg
[2012.09.01 12:34:18 | 000,008,806 | ---- | C] () -- C:\Users\Jenny\Desktop\cc_20120901_123348.reg
[2012.09.01 12:13:00 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.09.01 12:12:59 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.09.01 11:43:46 | 000,001,954 | ---- | C] () -- C:\Users\Jenny\Desktop\HiJackThis.lnk
[2012.09.01 11:41:14 | 001,402,880 | ---- | C] () -- C:\Users\Jenny\Desktop\HiJackThis.msi
[2012.08.30 23:57:01 | 000,511,265 | ---- | C] () -- C:\Users\Jenny\Desktop\adwcleaner.exe
[2012.08.30 19:48:49 | 000,908,794 | ---- | C] () -- C:\Users\Jenny\Desktop\firefox.jpg
[2012.08.30 19:48:28 | 000,963,676 | ---- | C] () -- C:\Users\Jenny\Desktop\chrome.jpg
[2012.08.30 19:40:07 | 000,000,688 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.30 18:50:34 | 000,004,165 | ---- | C] () -- C:\Users\Jenny\Desktop\fox.gif
[2012.08.30 18:46:37 | 000,004,165 | ---- | C] () -- C:\Users\Jenny\Desktop\pyong_raposa_fox-05.gif
[2012.08.30 14:09:12 | 000,267,596 | ---- | C] () -- C:\Users\Jenny\Desktop\java.jpg
[2012.08.30 14:03:29 | 000,314,008 | ---- | C] () -- C:\Users\Jenny\Desktop\bookmarks.html
[2012.08.30 13:09:57 | 000,121,230 | ---- | C] () -- C:\Users\Jenny\Desktop\bookmarks-2012-08-30.json
[2012.08.13 10:08:35 | 000,007,962 | ---- | C] () -- C:\cc_20120813_100832.reg
[2011.12.28 22:42:43 | 000,153,936 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.12.26 22:42:10 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2011.12.23 01:03:57 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.12.21 20:27:57 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.12.21 20:27:57 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.12.21 20:27:56 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll
[2011.09.06 22:41:28 | 000,000,314 | ---- | C] () -- C:\Windows\wininit.ini
[2011.07.26 14:35:22 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.06.23 17:31:10 | 000,000,275 | ---- | C] () -- C:\Users\Jenny\AppData\Local\HamsterVideoConverterSettings.cfg
[2011.02.06 15:16:59 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.02.06 15:16:59 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.01.20 23:23:44 | 000,200,704 | ---- | C] () -- C:\Windows\System32\BongoSDK.10.v40.dll
[2011.01.04 10:56:56 | 001,630,700 | ---- | C] () -- C:\Program Files\dgs_install.zip
[2011.01.04 10:56:12 | 000,022,376 | -H-- | C] () -- C:\Users\Jenny\.sw-main934
[2011.01.04 10:56:12 | 000,002,560 | -H-- | C] () -- C:\Users\Jenny\.sw-recents
[2010.09.13 17:31:10 | 000,197,053 | ---- | C] () -- C:\Windows\hpwins27.dat
[2010.08.29 21:36:18 | 000,000,093 | ---- | C] () -- C:\Users\Jenny\AppData\Local\fusioncache.dat
[2009.12.29 03:06:59 | 000,000,680 | ---- | C] () -- C:\Users\Jenny\AppData\Local\d3d9caps.dat
[2009.02.01 13:33:46 | 000,220,160 | ---- | C] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.30 21:06:56 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.01.27 19:11:27 | 000,002,299 | ---- | C] () -- C:\Users\Jenny\AppData\Roaming\acervcmtmp.ini
[2009.01.27 18:15:05 | 000,069,885 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.27 18:12:48 | 000,069,885 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2009.02.07 01:05:03 | 000,000,000 | -HSD | M] -- C:\Users\Jenny\AppData\Roaming\.#
[2009.02.17 22:25:49 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Acer
[2008.07.30 04:10:28 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Acer GameZone Console
[2011.10.29 20:40:26 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Atari
[2011.01.30 21:58:04 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Autodesk
[2010.01.30 13:01:10 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Blender Foundation
[2011.12.25 13:04:25 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\com.gugga.radiomini
[2012.07.25 11:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DAEMON Tools Lite
[2012.08.13 09:57:19 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Dropbox
[2011.12.22 01:22:50 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoft
[2011.07.20 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.01.27 18:16:29 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\eSobi
[2011.06.23 23:02:57 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\FreeFLVConverter
[2010.08.25 14:45:53 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\GetRightToGo
[2011.11.06 23:03:06 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\IcoFX
[2011.08.21 00:51:13 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\ICQ
[2009.08.30 16:45:27 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\LG Electronics
[2010.01.29 00:06:56 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Morpheus Software
[2011.10.29 23:24:11 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Mp3tag
[2011.10.29 23:11:33 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\MusicBrainz
[2011.08.13 00:21:35 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Nvu
[2009.10.14 20:36:24 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\OpenOffice.org
[2010.08.22 11:52:58 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\PlayFirst
[2010.04.01 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SecondLife
[2009.08.25 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SPORE Creature Creator
[2010.02.04 11:06:57 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\STOIK
[2010.05.10 22:09:07 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\TS3Client
[2010.08.29 21:53:54 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Turbine
[2012.07.24 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\uTorrent
[2011.12.25 11:50:07 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wacom
[2011.12.25 11:56:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2010.10.08 12:42:01 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Windows Live Writer
[2012.09.01 12:35:38 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Linya 01.09.2012 16:37
Code:
OTL Extras logfile created on: 01.09.2012 16:59:45 - Run 2
OTL by OldTimer - Version 3.2.59.1    Folder = c:\Users\Jenny\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 37,26% Memory free
6,19 Gb Paging File | 3,98 Gb Available in Paging File | 64,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 49,36 Gb Free Space | 34,27% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 15,24 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive I: | 465,76 Gb Total Space | 236,58 Gb Free Space | 50,79% Space Free | Partition Type: NTFS
 
Computer Name: XXXX | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "D:\Programme\dm Fotowelt\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- D:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [dm Fotowelt] -- "D:\Programme\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [dm-Fotowelt] -- "D:\Programme\dm Fotowelt\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C38445-AF55-4626-ABEA-F4A0475BBDAD}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{0B94C6F8-B1FA-46E7-A81E-768D35F22CB1}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{1FC0F839-89C0-444E-B0EA-2F2E49C3CFAA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{31C3CCD8-BFE8-49AB-B971-FB7C3FC6CF09}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{59438DE2-21FE-490E-A004-E2A0D8DC75ED}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{70710AFC-B322-48A1-B7D1-E764C883D823}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{8A4AD6A8-10B0-478B-8A04-E6483AC32C10}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{9061396F-2AEF-43CA-A884-777597A80971}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E639AADE-359D-4FAD-A942-72083826C63B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FC980B70-A17B-47A6-86C1-B0540A7F919F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0311C8B4-F137-4B20-883B-FA4DFBD40991}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{0D66F652-EB71-4C4F-B4F2-8783AB710EE2}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{0F472933-D79C-422F-89DE-272C10DE7F43}" = protocol=17 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{14B0664F-D1FC-40D1-8C29-49D7F23BFDDE}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{170F9811-0166-4F95-BC07-111DE0B6FD37}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{18911FCF-CEA1-4001-9B2A-10874B579CE9}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{1CA1BEED-350E-40F3-AC52-8C96C117F7B9}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{1F459D85-0657-4CAF-A5F9-21BD94091F70}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{2362F9B1-6FE0-4148-A122-D03B0130994D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{2567D9BA-2DEF-41E8-ABC0-8ADB06020566}" = protocol=17 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{28F66114-24E9-4EFA-BC8A-8965E95CCD61}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{292C16F0-F366-43E3-A613-8AB770CBA549}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{29C885BE-D034-4466-9F8A-5E7FEBD52DD6}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{2BBC3EB7-EE27-4F0E-8566-4A5F16A65A66}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{335D6608-33D4-457C-A0B0-7974467429A5}" = protocol=6 | dir=in | app=c:\program files\3dsmax\3dsmax.exe |
"{352E3AA6-B708-4254-A3D7-C05911FC6361}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{3673E242-38DB-415C-81CD-F767E62534FE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{392B28F9-BC0E-452C-8593-B5688ADB4E54}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{44DC91F9-B3FD-4C00-B8D3-844D0A8C4BF7}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{45502E4E-092F-49B1-AC06-D43B9E95AEA6}" = protocol=6 | dir=in | app=d:\spiele\ragnarok\ragexe.exe |
"{455B5C15-BB02-4A13-875B-622C0BE5C55A}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{485E181B-D509-408C-BD5A-33B49E26F589}" = protocol=17 | dir=in | app=c:\program files\3dsmax\3dsmax.exe |
"{4CFF1A8E-E564-4E4E-96E2-73F6BF44ACF3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{4D0A3162-B233-448A-ACEF-878F5E341A2C}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{4FFF76A4-5133-4FB0-B56E-384BF524FDA9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{537DB8E8-1770-4AD0-8998-2870E54D74E9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{55782BB4-ED83-46B5-AB93-93F9ECCB4B99}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{5F1B3C69-935D-440F-A7F2-F99B656C379A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"{6076B964-0B75-40A9-BD76-59A67F1DA942}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{6702E16E-13F4-43F3-A5EB-4EFCC112BD94}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{6DC490AB-9AFF-4D24-80FE-CB63D645A6C7}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{75C189BF-AAD7-47C7-A678-89E0B4D66543}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{760648AA-C2FC-4CC3-9D7D-50D5CA29E873}" = protocol=6 | dir=in | app=c:\users\jenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{76A459A5-9788-4A0E-8017-76C2F21FBC5C}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{7BD65B90-A3F1-4D8C-9E90-4999B8EBA804}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{7CDCD324-993C-4E4F-B63E-9C876C176A82}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{83E3B3EA-4E60-439C-9E7B-0F15DB6189B4}" = protocol=6 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{85B6ED77-B12A-4D6A-B9DB-077CC791512E}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{866CCA5A-D05E-4882-9634-3D51C5FBBDBC}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{87B0F00A-9CBC-435B-9CE9-5D1980C13A2D}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{87C42BB4-C805-493A-A0E1-70D9C4BC882B}" = protocol=17 | dir=in | app=d:\spiele\ragnarok\ragexe.exe |
"{8D47434F-0F66-4966-88EE-606054D649FC}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{931E510E-0385-4290-9015-1A05D2A94E0F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{970E2153-184F-482B-9B86-B46EAE130CBB}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{9F4341BF-F16F-44C2-8E08-10B9314832AC}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{A5A42F72-BB21-4A40-B82B-E259C1E6CED8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A8233CF2-CAAD-4B41-A95E-62ADF6B4089A}" = protocol=17 | dir=in | app=c:\users\jenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{B098FDAA-B8EF-41A9-B3DA-DE9E10CE9B39}" = protocol=6 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{B3D45A7D-8AD2-4E2C-8D15-B27610520A8F}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{B5F70D68-3AF0-49BE-8EE1-008C314E2422}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BA1EE302-8125-4E4E-8B73-FEAC23C3F9EA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{BEEEEE1F-50B1-48DF-B05F-7ACE0E6D17B3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{BFFCA3C9-3B96-4A2F-AB3E-EB8B021F0602}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{C67B2A5E-7B01-4D17-AF42-8111E9881A22}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{C89FFB57-F7D2-43D9-B3E9-816A9A45D866}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{D0E50ACD-136C-4D0C-99A9-4E4DBADBE0B0}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{D351F1A2-CD85-4A0F-BDFE-5887CB0D9CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{D50664DD-ECC8-4F91-A336-133D57FD409C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{D610B657-85EF-43E0-9B11-4AF8A0911D53}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{D8C63FD1-5080-40C1-81C5-C9C50F79250C}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{D9277855-0A29-4403-87C3-88B0F208C0D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E4447BF4-83FE-4B2F-8D0D-CEA7B40F5103}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{EB5E3053-93A1-4ED7-ACEC-56BCBC7A7E62}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{ECD3ADF2-C36E-41C7-8E2E-7A8069B8290A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{F379E883-67C7-49F2-8958-99E77B830FD4}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{F43D50A6-552F-4C8E-882A-C1545396EA2E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F7D4A726-BB20-4E35-AE4D-ADB61B8E03DA}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{F9AB76AD-8DF8-48E5-8F91-D061ACF73245}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{FA2ECDDF-BEE2-4314-8042-55BD183D8352}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{FC5D96DE-DC96-46EA-BF95-D6913E392B95}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{FCBB9AB1-EE62-4319-AD18-7FE994F6B25D}" = dir=in | app=d:\programme\powerdirector\powerdirector\pdr.exe |
"{FD95881C-1730-44A6-8ECE-F3EFA94F8085}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"TCP Query User{28C89E53-407E-4F82-9AAF-E031AA7AC942}D:\spiele\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=d:\spiele\secondlifeviewer2\slvoice.exe |
"TCP Query User{2ACC8F31-027B-4DD0-88A2-919855AF0B28}C:\program files\rhinoceros 4.0\system\rhino4.exe" = protocol=6 | dir=in | app=c:\program files\rhinoceros 4.0\system\rhino4.exe |
"TCP Query User{3904D328-5B4D-4846-8BDF-E4050CAAA929}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{56A72E0D-2DFE-40F1-BB84-8D515BC1C0CE}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{5DD841DE-8109-4FA8-8549-E4EDA6F3BC5B}C:\users\jenny\desktop\scitysetup_19235222.exe" = protocol=6 | dir=in | app=c:\users\jenny\desktop\scitysetup_19235222.exe |
"TCP Query User{6CD73801-AA15-418E-A8DB-B6F272A42BD0}C:\programdata\asgvis\drspawner\drspawner.exe" = protocol=6 | dir=in | app=c:\programdata\asgvis\drspawner\drspawner.exe |
"TCP Query User{8E9F7AC9-4CD8-4C70-8CC1-D4FABCA565A6}D:\programme\kaspersky\setup.exe" = protocol=6 | dir=in | app=d:\programme\kaspersky\setup.exe |
"TCP Query User{8FCC004E-88E9-4D3A-9155-52AF6C668E35}D:\programme\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programme\winamp\winamp.exe |
"TCP Query User{90056987-C9AE-419D-96D7-5FB7189A10C0}C:\users\jenny\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jenny\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9E03B506-EBE3-45BC-A021-897E7C7D1CAE}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{A7ECC04B-A9ED-42D1-B021-73C8EC71B456}D:\programme\musicbrainz picard\picard.exe" = protocol=6 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"TCP Query User{BBCCDE66-35B7-4B19-A6CA-EC3DE8A9E794}D:\programme\icq\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq\icq6.5\icq.exe |
"TCP Query User{C0138E9F-7D71-4FEA-AC87-90D72D923183}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{C5236DDA-48EB-4C0A-9DA4-B8758E3424BA}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D3B4D646-6E9B-459D-B57F-DEF0F41248A7}D:\spiele\spore\eadm\core.exe" = protocol=6 | dir=in | app=d:\spiele\spore\eadm\core.exe |
"TCP Query User{F73FAEF9-AAA5-481F-85E7-98BB08F4B40D}C:\program files\dgs\dgsnetd.exe" = protocol=6 | dir=in | app=c:\program files\dgs\dgsnetd.exe |
"UDP Query User{192570D0-446D-400D-8DCD-0984BED180CA}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{1DF102CB-4124-4E1F-B8F2-809F2201A2B5}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{29DE9ED9-D40C-4EDE-AC9D-A1F7C58BD65C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{2BF9BCCC-7E76-4EEF-A889-A3B1793589D0}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{398360B7-0871-4AC0-B0C0-B2CA6C728D9B}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{445F0964-0074-4B59-A59C-8F21ABE70022}C:\users\jenny\desktop\scitysetup_19235222.exe" = protocol=17 | dir=in | app=c:\users\jenny\desktop\scitysetup_19235222.exe |
"UDP Query User{51059E3C-8AC8-4A9F-9B5E-EABA4AE3775B}C:\programdata\asgvis\drspawner\drspawner.exe" = protocol=17 | dir=in | app=c:\programdata\asgvis\drspawner\drspawner.exe |
"UDP Query User{8DC30B06-87DF-452C-8F3D-A5FBF3048230}D:\spiele\spore\eadm\core.exe" = protocol=17 | dir=in | app=d:\spiele\spore\eadm\core.exe |
"UDP Query User{9B5E1074-6FCF-42E3-BE9C-82E27C864B83}D:\programme\icq\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq\icq6.5\icq.exe |
"UDP Query User{A3335517-B7F2-43E3-A9BF-988CF3AAD971}D:\spiele\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=d:\spiele\secondlifeviewer2\slvoice.exe |
"UDP Query User{A7CC504C-D2D7-4645-97A6-BCF004CC657A}C:\program files\rhinoceros 4.0\system\rhino4.exe" = protocol=17 | dir=in | app=c:\program files\rhinoceros 4.0\system\rhino4.exe |
"UDP Query User{B4A6FB27-E861-487B-BBD1-976261AF1DE4}D:\programme\musicbrainz picard\picard.exe" = protocol=17 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"UDP Query User{C6E3F91F-D1F6-451A-BED3-6C2BD3F1B938}D:\programme\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programme\winamp\winamp.exe |
"UDP Query User{D8F48742-8BDA-4C4D-B3F9-BF9538239B4A}C:\users\jenny\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jenny\appdata\local\akamai\netsession_win.exe |
"UDP Query User{E5E79DF0-0D00-4547-869D-39E49301D009}D:\programme\kaspersky\setup.exe" = protocol=17 | dir=in | app=d:\programme\kaspersky\setup.exe |
"UDP Query User{F9D449BE-AC3E-4599-A138-B56330A9DA7E}C:\program files\dgs\dgsnetd.exe" = protocol=17 | dir=in | app=c:\program files\dgs\dgsnetd.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6400
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}" = 4500G510af_Software_Min
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40625DE4-DCDB-44FE-84B5-E65F1365BF44}" = V-Ray for Rhinoceros
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{4393DE35-AD67-4F37-95E4-30F06EA0FDB2}" = Adobe Creative Suite 3 Design Premium
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50A76A32-8D75-4839-815C-93054CFD436B}" = V-Ray for Rhinoceros
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5518E08A-2053-4A3E-85B2-F912D4666C9F}" = Adobe Setup
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579F16AF-AFA0-488C-BE83-71F4C92EC216}" = V-Ray for Rhinoceros
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67574624-BF0F-0407-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-Bit
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{762EBEC5-7ADC-48DC-ADDE-882616730050}" = TransType Pro
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C32C567-DC0F-4C80-B06C-7873850A2E06}" = Die Sims - Tierisch gut drauf
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8058F9B8-68C6-4769-A1F2-994C4529B2C6}" = V-Ray for Rhinoceros
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9F50F9-BA6F-47c5-990B-76A74A1C68B0}" = 4500G510af
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8DF8593-F619-47DE-AD27-BCABF233433A}" = STOIK Video Converter 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = Die Sims 2 HomeCrafter Plus
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C167A588-87AA-47BF-A88E-5B0F9A14480D}" = InterVideo DVDCopy5
"{C175D5B0-ED04-42C9-B23F-D8BD406173E7}" = 4500_G510af_Help
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{C98517B6-DCE9-49B7-B19E-E384178D3986}" = HP Officejet 4500 G510a-f
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCBC3666-5199-4702-B052-2C58FCA6EFF9}" = Rhinoceros 4.0 SR4b
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFCA7747-0813-AEBA-886F-732E1CBD79EA}" = MoodTuner
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D57F1897-D0F5-4E5F-99BA-80815B43283A}" = Rhinoceros 4.0 SR4
"{D7960C39-E3FD-4B46-8E97-A1E9D128F913}" = Rhinoceros 4.0 SR3
"{D9FE1AFC-8C6D-484F-B3FD-E50780153234}" = Evernote
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4A0225B-A975-416C-8CF7-C1C025FD32D6}" = YP-U1
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = Die Sims™ 2 Party-Accessoires
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Labor Basisversion
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA52513B-03C2-4631-BE42-03ACF9226179}" = Tablett
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Acer Acer Bio Protection 6.0.00.17" = Acer Bio Protection

AAU 6.0.00.17
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_061850775b1c6d22bf2a145678e05e0" = Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen
"Akamai" = Akamai NetSession Interface Service
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bamboo Dock" = Bamboo Dock
"CamStudio" = CamStudio
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner
"CEP - Colour Enable Packages_is1" = CEP - Color Enable Package
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.gugga.radiomini" = MoodTuner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dark and Light1.0.14.01" = Dark and Light
"DGS Portrait2" = DGS Portrait2
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"dm Fotowelt" = dm Fotowelt
"dm-Fotowelt" = dm-Fotowelt
"DPP" = Canon Utilities Digital Photo Professional 3.1
"EADM" = EA Download Manager
"EOS 20D WIA Driver" = EOS 20D WIA Driver
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Flamingo 1.1" = Flamingo 1.1
"Flamingo 1.1 for Rhino 4.0" = Flamingo 1.1 for Rhino 4.0
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free FLV Converter_is1" = Free FLV Converter V 6.98.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameWiz32" = GameWiz32
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"Guild Wars" = GUILD WARS
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"IcoFX_is1" = IcoFX 1.6.4
"Id3Sort Version 1.3.0.13_is1" = Id3Sort Version, 1.3.0.13
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{FA52513B-03C2-4631-BE42-03ACF9226179}" = Tablett
"Lexmark X1100 Series" = Lexmark X1100 Series
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"MusicBrainz Picard" = MusicBrainz Picard
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"myGamersCam" = myGamersCam 1.2
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"ODSK" = Canon Utilities Original Data Security Tools
"Pen Tablet Driver" = Bamboo
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Ramsete III" = Ramsete III
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Rhino RDK" = Rhino RDK
"Rhinoceros 3.0" = Rhinoceros 3.0
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"ST6UNST #1" = Ramsete 2.70
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tomb Raider: Anniversary Demo" = Tomb Raider: Anniversary Demo 1.0
"T-Splines for Rhino" = T-Splines for Rhino
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft Set up ASR 3.1 Pro" = Wisdom-soft Set up ASR 3.1 Pro
"Word8.0" = Microsoft Word 97
"Zoo Tycoon 1.0" = Zoo Tycoon-Erweiterungen
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"World of Warcraft Trial" = Probeversion von World of Warcraft
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 29.08.2012 11:31:06 | Computer Name = Kessy | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 15.0.0.4619, Zeitstempel
 0x50382fcd, fehlerhaftes Modul xul.dll, Version 15.0.0.4619, Zeitstempel 0x50382f44,
 Ausnahmecode 0xc0000005, Fehleroffset 0x001bea47,  Prozess-ID 0x13d8, Anwendungsstartzeit
 01cd85ecc6964acb.
 
Error - 30.08.2012 04:10:20 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 30.08.2012 12:58:40 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 30.08.2012 14:19:57 | Computer Name = Kessy | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 15.0.0.4619 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
 das Problem zu suchen.  Prozess-ID: 25d8  Anfangszeit: 01cd86db9914554e  Zeitpunkt der
 Beendigung: 12
 
Error - 30.08.2012 17:06:47 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 31.08.2012 04:18:29 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 05:06:29 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 05:27:04 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 05:58:50 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 06:38:34 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 01.02.2009 07:11:54 | Computer Name = Kessy | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 01.02.2009 07:11:54 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 13:32:46 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 02.02.2009 15:21:13 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 03.02.2009 11:12:35 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 03.02.2009 16:11:26 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
 
< End of report >
Sonstiges: Firefox wird jetzt wieder verwendet und NoScript, WOT und ADblock Plus wurden hinzugefügt. Momentan keine Probleme feststellbar.

kira 02.09.2012 09:37
1.
Datei-Überprüfung
Folgende Datei/en (siehe Codebox) bei VirusTotal online überprüfen lassen.
Prüfende Datei/en:
Code:
c:\users\jenny\desktop\scitysetup_19235222.exe
  • klick auf "Choose File"
  • Lass Deinen Computer in "" suchen.
  • Wenn Du die Datei gefunden hast, klickst du sie an und auf "Scan it"
  • Sollte VirusTotal melden, dass die Datei bereits überpüft wurde ("File already analysed"), lasse sie trotzdem über den Button Reanalyse erneut prüfen.
  • Wenn VirusTotal die Datei empfangen hat, wird sie diese mit mehreren Anti-Virus-Scannern prüfen und die Ergebnisse anzeigen.
  • Wenn das Ergebnis vorliegt - markieren-> kopieren -> hier einfügen - (egal wie es aussieht - nicht auslassen, das komplette Resultat wie angezeigt da reinkopieren! - und dabei auch die Zeilen mit Namen und Größe der Datei, MD5 und SHA1 kopieren) hier posten. Solltest Du die Datei/en nicht finden oder hochladen können, dann teile uns das ebenfalls mit. Solltest Du die Datei/en nicht finden, überprüfe, ob folgende Einstellungen richtig gesetzt sind.
    ► Oder die Ergebnisse markieren mit <Strg><A>-> kopieren mit <Strg><C>-> mit <Strg><V> hier einfügen

Beispiel - das zu postende Logfile von Virustotal soll so wie hier aussehen Also nicht auslassen, sondern wie Du es bekommst da reinkopieren!:
Scanergebnisse mitsamt Dateiname!
Code:
Datei  File name:
<hier kommt die Dateiname>
Submission date:
2010-10-22 03:34:01 (UTC)
Current status:
queued queued analysing finished
Result:
.....%
   
VT Community

goodware/badware
 Safety score: 100.0%
Compact
Print results
Antivirus    Version    Last Update    Result
AhnLab-V3    2010.10.22.00    2010.10.21    -
AntiVir    7.10.13.15    2010.10.21    -
Antiy-AVL    2.0.3.7    2010.10.22    -
Authentium    5.2.0.5    2010.10.22    -
Avast    4.8.1351.0    2010.10.21    -
Avast5    5.0.594.0    2010.10.21    -
usw........

...werden geprüft v. mehr wie 40 Online Virus Scanner...also Geduld!!
Falls bei der Analyse sich herausstellt,dass die Dateien schädlich sind,lösche noch nicht,weil können unter Umständen dazu führen, dass das System nicht mehr sauber läuft[/quote]

2.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript also - nach dem "Code", alles was in der Codebox steht - (also beginnend mit :OTL und am Ende [emptytemp]), alles was in der Codebox steht (ohne "code"!) :
Code:
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
[2012.04.08 10:11:02 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

Linya 02.09.2012 10:28
zu 1. Ich habe folgende Einstellungen geändert
=> Dateien und Ordner: Erweiterungen bei bekannten Dateitypen ausblenden deaktivieren
=> Dateien und Ordner: Geschützte Systemdateien ausblenden (empfohlen) deaktivieren
=> Dateien und Ordner: Inhalte von Systemordnern anzeigen => aktivieren (entfällt da vista)
=> Versteckte Dateien und Ordner: => alle Dateien und Ordner anzeigen aktivieren

Aber ich konnte die Datei leider nicht finden.

zu 2. Hier das OTL Textdokument:
Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" removed from keyword.URL
C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com\components folder moved successfully.
C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com\chrome\content\cache folder moved successfully.
C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com\chrome\content folder moved successfully.
C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com\chrome folder moved successfully.
C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\bbrs_002@blabbers.com folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Jenny\Desktop\Programme\cmd.bat deleted successfully.
C:\Users\Jenny\Desktop\Programme\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Jenny
->Temp folder emptied: 473144 bytes
->Temporary Internet Files folder emptied: 4083055 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 7014215 bytes
->Google Chrome cache emptied: 6317518 bytes
->Flash cache emptied: 805 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8488289 bytes
RecycleBin emptied: 55656647 bytes
 
Total Files Cleaned = 78,00 mb
 
 
OTL by OldTimer - Version 3.2.59.1 log created on 09022012_111637

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Danke

kira 03.09.2012 13:25
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

Linya 03.09.2012 15:02
OTL Logfiles:

Code:
OTL Extras logfile created on: 03.09.2012 15:30:02 - Run 3
OTL by OldTimer - Version 3.2.59.1    Folder = C:\Users\Jenny\Desktop\Programme
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 29,97% Memory free
6,19 Gb Paging File | 2,91 Gb Available in Paging File | 47,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 56,97 Gb Free Space | 39,55% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 6,06 Gb Free Space | 4,31% Space Free | Partition Type: NTFS
Drive G: | 495,00 Mb Total Space | 11,91 Mb Free Space | 2,41% Space Free | Partition Type: FAT32
Drive I: | 465,76 Gb Total Space | 236,58 Gb Free Space | 50,79% Space Free | Partition Type: NTFS
 
Computer Name: KESSY | User Name: Jenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "D:\Programme\dm Fotowelt\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- D:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [dm Fotowelt] -- "D:\Programme\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [dm-Fotowelt] -- "D:\Programme\dm Fotowelt\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C38445-AF55-4626-ABEA-F4A0475BBDAD}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{0B94C6F8-B1FA-46E7-A81E-768D35F22CB1}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{1FC0F839-89C0-444E-B0EA-2F2E49C3CFAA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{31C3CCD8-BFE8-49AB-B971-FB7C3FC6CF09}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{59438DE2-21FE-490E-A004-E2A0D8DC75ED}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{70710AFC-B322-48A1-B7D1-E764C883D823}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{8A4AD6A8-10B0-478B-8A04-E6483AC32C10}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{9061396F-2AEF-43CA-A884-777597A80971}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E639AADE-359D-4FAD-A942-72083826C63B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FC980B70-A17B-47A6-86C1-B0540A7F919F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0311C8B4-F137-4B20-883B-FA4DFBD40991}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{0D66F652-EB71-4C4F-B4F2-8783AB710EE2}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{0F472933-D79C-422F-89DE-272C10DE7F43}" = protocol=17 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{14B0664F-D1FC-40D1-8C29-49D7F23BFDDE}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{170F9811-0166-4F95-BC07-111DE0B6FD37}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{18911FCF-CEA1-4001-9B2A-10874B579CE9}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{1CA1BEED-350E-40F3-AC52-8C96C117F7B9}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{1F459D85-0657-4CAF-A5F9-21BD94091F70}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{2362F9B1-6FE0-4148-A122-D03B0130994D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{2567D9BA-2DEF-41E8-ABC0-8ADB06020566}" = protocol=17 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{28F66114-24E9-4EFA-BC8A-8965E95CCD61}" = protocol=17 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{292C16F0-F366-43E3-A613-8AB770CBA549}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{29C885BE-D034-4466-9F8A-5E7FEBD52DD6}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{2BBC3EB7-EE27-4F0E-8566-4A5F16A65A66}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{335D6608-33D4-457C-A0B0-7974467429A5}" = protocol=6 | dir=in | app=c:\program files\3dsmax\3dsmax.exe |
"{352E3AA6-B708-4254-A3D7-C05911FC6361}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{3673E242-38DB-415C-81CD-F767E62534FE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{392B28F9-BC0E-452C-8593-B5688ADB4E54}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{44DC91F9-B3FD-4C00-B8D3-844D0A8C4BF7}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{45502E4E-092F-49B1-AC06-D43B9E95AEA6}" = protocol=6 | dir=in | app=d:\spiele\ragnarok\ragexe.exe |
"{455B5C15-BB02-4A13-875B-622C0BE5C55A}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{485E181B-D509-408C-BD5A-33B49E26F589}" = protocol=17 | dir=in | app=c:\program files\3dsmax\3dsmax.exe |
"{4CFF1A8E-E564-4E4E-96E2-73F6BF44ACF3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{4D0A3162-B233-448A-ACEF-878F5E341A2C}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{4FFF76A4-5133-4FB0-B56E-384BF524FDA9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{537DB8E8-1770-4AD0-8998-2870E54D74E9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{55782BB4-ED83-46B5-AB93-93F9ECCB4B99}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{5F1B3C69-935D-440F-A7F2-F99B656C379A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"{6076B964-0B75-40A9-BD76-59A67F1DA942}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{6702E16E-13F4-43F3-A5EB-4EFCC112BD94}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{6DC490AB-9AFF-4D24-80FE-CB63D645A6C7}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{75C189BF-AAD7-47C7-A678-89E0B4D66543}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{760648AA-C2FC-4CC3-9D7D-50D5CA29E873}" = protocol=6 | dir=in | app=c:\users\jenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{76A459A5-9788-4A0E-8017-76C2F21FBC5C}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{7BD65B90-A3F1-4D8C-9E90-4999B8EBA804}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{7CDCD324-993C-4E4F-B63E-9C876C176A82}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{83E3B3EA-4E60-439C-9E7B-0F15DB6189B4}" = protocol=6 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{85B6ED77-B12A-4D6A-B9DB-077CC791512E}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{866CCA5A-D05E-4882-9634-3D51C5FBBDBC}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{87B0F00A-9CBC-435B-9CE9-5D1980C13A2D}" = protocol=6 | dir=in | app=d:\programme\icq\icq7.4\icq.exe |
"{87C42BB4-C805-493A-A0E1-70D9C4BC882B}" = protocol=17 | dir=in | app=d:\spiele\ragnarok\ragexe.exe |
"{8D47434F-0F66-4966-88EE-606054D649FC}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{931E510E-0385-4290-9015-1A05D2A94E0F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{970E2153-184F-482B-9B86-B46EAE130CBB}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{9F4341BF-F16F-44C2-8E08-10B9314832AC}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{A5A42F72-BB21-4A40-B82B-E259C1E6CED8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A8233CF2-CAAD-4B41-A95E-62ADF6B4089A}" = protocol=17 | dir=in | app=c:\users\jenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{B098FDAA-B8EF-41A9-B3DA-DE9E10CE9B39}" = protocol=6 | dir=in | app=c:\program files\3dsmax\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{B3D45A7D-8AD2-4E2C-8D15-B27610520A8F}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{B5F70D68-3AF0-49BE-8EE1-008C314E2422}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BA1EE302-8125-4E4E-8B73-FEAC23C3F9EA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{BEEEEE1F-50B1-48DF-B05F-7ACE0E6D17B3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{BFFCA3C9-3B96-4A2F-AB3E-EB8B021F0602}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{C67B2A5E-7B01-4D17-AF42-8111E9881A22}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{C89FFB57-F7D2-43D9-B3E9-816A9A45D866}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{D0E50ACD-136C-4D0C-99A9-4E4DBADBE0B0}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{D351F1A2-CD85-4A0F-BDFE-5887CB0D9CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{D50664DD-ECC8-4F91-A336-133D57FD409C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{D610B657-85EF-43E0-9B11-4AF8A0911D53}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{D8C63FD1-5080-40C1-81C5-C9C50F79250C}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{D9277855-0A29-4403-87C3-88B0F208C0D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E4447BF4-83FE-4B2F-8D0D-CEA7B40F5103}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{EB5E3053-93A1-4ED7-ACEC-56BCBC7A7E62}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{ECD3ADF2-C36E-41C7-8E2E-7A8069B8290A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{F379E883-67C7-49F2-8958-99E77B830FD4}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{F43D50A6-552F-4C8E-882A-C1545396EA2E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F7D4A726-BB20-4E35-AE4D-ADB61B8E03DA}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{F9AB76AD-8DF8-48E5-8F91-D061ACF73245}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{FA2ECDDF-BEE2-4314-8042-55BD183D8352}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{FC5D96DE-DC96-46EA-BF95-D6913E392B95}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{FCBB9AB1-EE62-4319-AD18-7FE994F6B25D}" = dir=in | app=d:\programme\powerdirector\powerdirector\pdr.exe |
"{FD95881C-1730-44A6-8ECE-F3EFA94F8085}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"TCP Query User{28C89E53-407E-4F82-9AAF-E031AA7AC942}D:\spiele\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=d:\spiele\secondlifeviewer2\slvoice.exe |
"TCP Query User{2ACC8F31-027B-4DD0-88A2-919855AF0B28}C:\program files\rhinoceros 4.0\system\rhino4.exe" = protocol=6 | dir=in | app=c:\program files\rhinoceros 4.0\system\rhino4.exe |
"TCP Query User{3904D328-5B4D-4846-8BDF-E4050CAAA929}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{56A72E0D-2DFE-40F1-BB84-8D515BC1C0CE}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{5DD841DE-8109-4FA8-8549-E4EDA6F3BC5B}C:\users\jenny\desktop\scitysetup_19235222.exe" = protocol=6 | dir=in | app=c:\users\jenny\desktop\scitysetup_19235222.exe |
"TCP Query User{6CD73801-AA15-418E-A8DB-B6F272A42BD0}C:\programdata\asgvis\drspawner\drspawner.exe" = protocol=6 | dir=in | app=c:\programdata\asgvis\drspawner\drspawner.exe |
"TCP Query User{8E9F7AC9-4CD8-4C70-8CC1-D4FABCA565A6}D:\programme\kaspersky\setup.exe" = protocol=6 | dir=in | app=d:\programme\kaspersky\setup.exe |
"TCP Query User{8FCC004E-88E9-4D3A-9155-52AF6C668E35}D:\programme\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programme\winamp\winamp.exe |
"TCP Query User{90056987-C9AE-419D-96D7-5FB7189A10C0}C:\users\jenny\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jenny\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9E03B506-EBE3-45BC-A021-897E7C7D1CAE}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{A7ECC04B-A9ED-42D1-B021-73C8EC71B456}D:\programme\musicbrainz picard\picard.exe" = protocol=6 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"TCP Query User{BBCCDE66-35B7-4B19-A6CA-EC3DE8A9E794}D:\programme\icq\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq\icq6.5\icq.exe |
"TCP Query User{C0138E9F-7D71-4FEA-AC87-90D72D923183}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{C5236DDA-48EB-4C0A-9DA4-B8758E3424BA}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D3B4D646-6E9B-459D-B57F-DEF0F41248A7}D:\spiele\spore\eadm\core.exe" = protocol=6 | dir=in | app=d:\spiele\spore\eadm\core.exe |
"TCP Query User{F73FAEF9-AAA5-481F-85E7-98BB08F4B40D}C:\program files\dgs\dgsnetd.exe" = protocol=6 | dir=in | app=c:\program files\dgs\dgsnetd.exe |
"UDP Query User{192570D0-446D-400D-8DCD-0984BED180CA}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{1DF102CB-4124-4E1F-B8F2-809F2201A2B5}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{29DE9ED9-D40C-4EDE-AC9D-A1F7C58BD65C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{2BF9BCCC-7E76-4EEF-A889-A3B1793589D0}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{398360B7-0871-4AC0-B0C0-B2CA6C728D9B}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{445F0964-0074-4B59-A59C-8F21ABE70022}C:\users\jenny\desktop\scitysetup_19235222.exe" = protocol=17 | dir=in | app=c:\users\jenny\desktop\scitysetup_19235222.exe |
"UDP Query User{51059E3C-8AC8-4A9F-9B5E-EABA4AE3775B}C:\programdata\asgvis\drspawner\drspawner.exe" = protocol=17 | dir=in | app=c:\programdata\asgvis\drspawner\drspawner.exe |
"UDP Query User{8DC30B06-87DF-452C-8F3D-A5FBF3048230}D:\spiele\spore\eadm\core.exe" = protocol=17 | dir=in | app=d:\spiele\spore\eadm\core.exe |
"UDP Query User{9B5E1074-6FCF-42E3-BE9C-82E27C864B83}D:\programme\icq\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq\icq6.5\icq.exe |
"UDP Query User{A3335517-B7F2-43E3-A9BF-988CF3AAD971}D:\spiele\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=d:\spiele\secondlifeviewer2\slvoice.exe |
"UDP Query User{A7CC504C-D2D7-4645-97A6-BCF004CC657A}C:\program files\rhinoceros 4.0\system\rhino4.exe" = protocol=17 | dir=in | app=c:\program files\rhinoceros 4.0\system\rhino4.exe |
"UDP Query User{B4A6FB27-E861-487B-BBD1-976261AF1DE4}D:\programme\musicbrainz picard\picard.exe" = protocol=17 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"UDP Query User{C6E3F91F-D1F6-451A-BED3-6C2BD3F1B938}D:\programme\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programme\winamp\winamp.exe |
"UDP Query User{D8F48742-8BDA-4C4D-B3F9-BF9538239B4A}C:\users\jenny\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jenny\appdata\local\akamai\netsession_win.exe |
"UDP Query User{E5E79DF0-0D00-4547-869D-39E49301D009}D:\programme\kaspersky\setup.exe" = protocol=17 | dir=in | app=d:\programme\kaspersky\setup.exe |
"UDP Query User{F9D449BE-AC3E-4599-A138-B56330A9DA7E}C:\program files\dgs\dgsnetd.exe" = protocol=17 | dir=in | app=c:\program files\dgs\dgsnetd.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6400
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}" = 4500G510af_Software_Min
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40625DE4-DCDB-44FE-84B5-E65F1365BF44}" = V-Ray for Rhinoceros
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{4393DE35-AD67-4F37-95E4-30F06EA0FDB2}" = Adobe Creative Suite 3 Design Premium
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50A76A32-8D75-4839-815C-93054CFD436B}" = V-Ray for Rhinoceros
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5518E08A-2053-4A3E-85B2-F912D4666C9F}" = Adobe Setup
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579F16AF-AFA0-488C-BE83-71F4C92EC216}" = V-Ray for Rhinoceros
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67574624-BF0F-0407-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-Bit
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{762EBEC5-7ADC-48DC-ADDE-882616730050}" = TransType Pro
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C32C567-DC0F-4C80-B06C-7873850A2E06}" = Die Sims - Tierisch gut drauf
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8058F9B8-68C6-4769-A1F2-994C4529B2C6}" = V-Ray for Rhinoceros
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9F50F9-BA6F-47c5-990B-76A74A1C68B0}" = 4500G510af
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8DF8593-F619-47DE-AD27-BCABF233433A}" = STOIK Video Converter 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = Die Sims 2 HomeCrafter Plus
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C167A588-87AA-47BF-A88E-5B0F9A14480D}" = InterVideo DVDCopy5
"{C175D5B0-ED04-42C9-B23F-D8BD406173E7}" = 4500_G510af_Help
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{C98517B6-DCE9-49B7-B19E-E384178D3986}" = HP Officejet 4500 G510a-f
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCBC3666-5199-4702-B052-2C58FCA6EFF9}" = Rhinoceros 4.0 SR4b
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFCA7747-0813-AEBA-886F-732E1CBD79EA}" = MoodTuner
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D57F1897-D0F5-4E5F-99BA-80815B43283A}" = Rhinoceros 4.0 SR4
"{D7960C39-E3FD-4B46-8E97-A1E9D128F913}" = Rhinoceros 4.0 SR3
"{D9FE1AFC-8C6D-484F-B3FD-E50780153234}" = Evernote
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4A0225B-A975-416C-8CF7-C1C025FD32D6}" = YP-U1
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = Die Sims™ 2 Party-Accessoires
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Labor Basisversion
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA52513B-03C2-4631-BE42-03ACF9226179}" = Tablett
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Acer Acer Bio Protection 6.0.00.17" = Acer Bio Protection

AAU 6.0.00.17
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_061850775b1c6d22bf2a145678e05e0" = Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen
"Akamai" = Akamai NetSession Interface Service
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bamboo Dock" = Bamboo Dock
"CamStudio" = CamStudio
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner
"CEP - Colour Enable Packages_is1" = CEP - Color Enable Package
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.gugga.radiomini" = MoodTuner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dark and Light1.0.14.01" = Dark and Light
"DGS Portrait2" = DGS Portrait2
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"dm Fotowelt" = dm Fotowelt
"dm-Fotowelt" = dm-Fotowelt
"DPP" = Canon Utilities Digital Photo Professional 3.1
"EADM" = EA Download Manager
"EOS 20D WIA Driver" = EOS 20D WIA Driver
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Flamingo 1.1" = Flamingo 1.1
"Flamingo 1.1 for Rhino 4.0" = Flamingo 1.1 for Rhino 4.0
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free FLV Converter_is1" = Free FLV Converter V 6.98.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameWiz32" = GameWiz32
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"Guild Wars" = GUILD WARS
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"IcoFX_is1" = IcoFX 1.6.4
"Id3Sort Version 1.3.0.13_is1" = Id3Sort Version, 1.3.0.13
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{FA52513B-03C2-4631-BE42-03ACF9226179}" = Tablett
"Lexmark X1100 Series" = Lexmark X1100 Series
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"MusicBrainz Picard" = MusicBrainz Picard
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"myGamersCam" = myGamersCam 1.2
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"ODSK" = Canon Utilities Original Data Security Tools
"Pen Tablet Driver" = Bamboo
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Ramsete III" = Ramsete III
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Rhino RDK" = Rhino RDK
"Rhinoceros 3.0" = Rhinoceros 3.0
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"ST6UNST #1" = Ramsete 2.70
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tomb Raider: Anniversary Demo" = Tomb Raider: Anniversary Demo 1.0
"T-Splines for Rhino" = T-Splines for Rhino
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wisdom-soft Set up ASR 3.1 Pro" = Wisdom-soft Set up ASR 3.1 Pro
"Word8.0" = Microsoft Word 97
"Zoo Tycoon 1.0" = Zoo Tycoon-Erweiterungen
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"World of Warcraft Trial" = Probeversion von World of Warcraft
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.08.2012 04:18:29 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 05:06:29 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 05:27:04 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 05:58:50 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 01.09.2012 06:38:34 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 02.09.2012 04:57:40 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 02.09.2012 05:19:53 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 02.09.2012 07:19:47 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
Error - 02.09.2012 19:03:57 | Computer Name = Kessy | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen.  Prozess-ID: f2c  Anfangszeit: 01cd88fcb88ffe9c  Zeitpunkt
 der Beendigung: 30
 
Error - 03.09.2012 04:08:54 | Computer Name = Kessy | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 01.02.2009 07:11:54 | Computer Name = Kessy | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 01.02.2009 07:11:54 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 07:11:57 | Computer Name = Kessy | Source = netbt | ID = 4321
Description = Der Name "KESSY          :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.2  registriert werden. Der Computer mit IP-Adresse 192.168.2.3
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 01.02.2009 13:32:46 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 02.02.2009 15:21:13 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 03.02.2009 11:12:35 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
Error - 03.02.2009 16:11:26 | Computer Name = Kessy | Source = HTTP | ID = 15016
Description =
 
 
< End of report >

Linya 03.09.2012 15:04
OTL Logfile:
Code:
OTL logfile created on: 03.09.2012 15:30:02 - Run 3
OTL by OldTimer - Version 3.2.59.1    Folder = C:\Users\Jenny\Desktop\Programme
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 29,97% Memory free
6,19 Gb Paging File | 2,91 Gb Available in Paging File | 47,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 56,97 Gb Free Space | 39,55% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 6,06 Gb Free Space | 4,31% Space Free | Partition Type: NTFS
Drive G: | 495,00 Mb Total Space | 11,91 Mb Free Space | 2,41% Space Free | Partition Type: FAT32
Drive I: | 465,76 Gb Total Space | 236,58 Gb Free Space | 50,79% Space Free | Partition Type: NTFS
 
Computer Name: KESSY | User Name: Jenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.02 11:19:13 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Jenny\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2012.08.31 10:27:08 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny\Desktop\Programme\OTL.exe
PRC - [2012.08.27 18:09:13 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012.08.25 03:59:03 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Jenny\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.16 18:22:21 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012.01.31 09:56:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.31 09:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.25 11:49:21 | 000,225,792 | ---- | M] () -- C:\Programme\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
PRC - [2011.09.27 05:45:40 | 000,646,232 | ---- | M] () -- C:\Programme\Bamboo Dock\BambooCore.exe
PRC - [2011.09.08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe
PRC - [2011.09.08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_TouchUser.exe
PRC - [2011.09.08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_TabletUser.exe
PRC - [2011.09.08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.02 16:55:28 | 001,045,256 | ---- | M] (Acresso Software Inc.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010.04.01 11:02:42 | 000,086,016 | ---- | M] () -- C:\Programme\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2009.09.04 12:26:19 | 000,446,976 | ---- | M] () -- C:\Programme\DGS\dgsnetd.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.07 21:46:56 | 001,468,296 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2008.10.28 14:30:27 | 003,520,512 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2008.10.28 14:30:19 | 003,602,432 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe
PRC - [2008.08.01 10:51:42 | 000,405,504 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.07.24 16:54:18 | 000,167,936 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008.07.24 16:54:10 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008.07.20 11:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.07.20 11:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.07.18 17:04:36 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008.06.04 14:03:36 | 000,817,672 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\QtZgAcer.EXE
PRC - [2008.06.02 10:25:40 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.05.30 12:24:30 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.05.14 17:05:22 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.05.07 10:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.23 12:22:38 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.04.23 12:22:38 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.03.25 16:25:06 | 000,050,952 | ---- | M] (UPEK Inc.) -- C:\Programme\Common Files\SPBA\upeksvr.exe
PRC - [2008.02.19 09:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
PRC - [2008.01.21 04:25:32 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.01.10 18:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer VCM\RS_Service.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- D:\Programme\RocketDock\RocketDock.exe
PRC - [2007.04.03 07:09:18 | 044,814,336 | ---- | M] (Adobe Systems, Incorporated) -- D:\Programme\CS3\Adobe Photoshop CS3\Photoshop.exe
PRC - [2007.03.26 21:27:00 | 003,758,240 | ---- | M] (Adobe Systems Incorporated) -- D:\Programme\CS3\Adobe InDesign CS3\InDesign.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.27 18:09:13 | 009,813,704 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012.08.25 03:59:17 | 002,242,528 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.15 10:53:01 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
MOD - [2012.06.15 10:50:42 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.15 10:50:32 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.05.14 11:13:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.14 10:35:28 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.14 10:35:15 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2011.12.25 11:49:21 | 000,225,792 | ---- | M] () -- C:\Programme\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
MOD - [2011.09.27 05:45:40 | 000,646,232 | ---- | M] () -- C:\Programme\Bamboo Dock\BambooCore.exe
MOD - [2011.09.27 05:45:40 | 000,060,504 | ---- | M] () -- C:\Programme\Bamboo Dock\BambooWinTab.dll
MOD - [2011.09.08 17:48:36 | 000,962,936 | ---- | M] () -- C:\Programme\Tablet\Pen\libxml2.dll
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.09.05 00:15:06 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.09.04 12:26:19 | 000,446,976 | ---- | M] () -- C:\Programme\DGS\dgsnetd.exe
MOD - [2008.10.28 14:17:21 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008.10.28 14:17:21 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008.10.28 14:17:21 | 000,009,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008.07.24 16:54:20 | 000,757,760 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.07.24 16:54:16 | 000,007,680 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008.06.11 10:21:46 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008.05.14 17:05:10 | 000,227,888 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2007.10.23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- D:\Programme\RocketDock\RocketDock.exe
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- D:\Programme\RocketDock\RocketDock.dll
MOD - [2007.04.03 07:10:00 | 002,342,912 | ---- | M] () -- D:\Programme\CS3\Adobe Photoshop CS3\Photoshop.dll
MOD - [2007.04.03 07:09:18 | 000,049,152 | ---- | M] () -- D:\Programme\CS3\Adobe Photoshop CS3\QuickTimeGlue.dll
MOD - [2007.04.03 07:09:14 | 000,393,216 | ---- | M] () -- D:\Programme\CS3\Adobe Photoshop CS3\AdobeXMP.dll
MOD - [2007.03.26 00:10:46 | 001,601,536 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\Plug-Ins\Filters\Sangam Readers\Reader For QuarkXPress.smrd
MOD - [2007.03.26 00:10:46 | 000,880,640 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\Plug-Ins\Filters\Sangam Readers\Reader for XLSX.smrd
MOD - [2007.03.26 00:10:46 | 000,872,448 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\Plug-Ins\Filters\Sangam Readers\Reader for DOCX.smrd
MOD - [2007.03.26 00:10:46 | 000,770,048 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\Plug-Ins\Filters\Sangam Readers\Reader For PageMaker.smrd
MOD - [2007.03.26 00:10:44 | 000,589,824 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\boost_regex-vc80-mt-1_33.dll
MOD - [2007.03.26 00:10:44 | 000,139,264 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\aldfs32CJK.dll
MOD - [2007.03.26 00:10:44 | 000,039,424 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\aldvm32CJK.dll
MOD - [2007.03.26 00:10:42 | 000,929,792 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\SangamML.dll
MOD - [2007.03.26 00:10:40 | 000,126,976 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\PMFileReader.dll
MOD - [2007.03.26 00:10:38 | 000,798,720 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\HaleyRulesSPruntime.dll
MOD - [2007.03.26 00:10:38 | 000,389,120 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\AdobeXMP.dll
MOD - [2007.03.26 00:10:38 | 000,039,936 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\HaleyRulesSPclient4runtime.dll
MOD - [2007.03.26 00:10:38 | 000,035,840 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\HScommon.dll
MOD - [2007.03.26 00:10:38 | 000,021,504 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\HScommonRBtreeThreadSafe.dll
MOD - [2007.03.26 00:10:38 | 000,005,120 | ---- | M] () -- D:\Programme\CS3\Adobe InDesign CS3\HaleyRulesSPini4runtime.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.08.30 21:57:58 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.08.25 03:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011.09.08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011.09.08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.22 17:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.02 16:55:28 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.04.01 11:02:42 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Programme\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2009.09.04 12:26:19 | 000,446,976 | ---- | M] () [Auto | Running] -- C:\Programme\DGS\dgsnetd.exe -- (DGSnetd)
SRV - [2008.10.28 14:30:19 | 003,602,432 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008.07.20 11:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.06.02 10:25:40 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.05.14 17:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.02.19 09:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.01.10 18:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.03.20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\WacomVKHid.sys -- (WacomVKHid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Spiele\setups\MastelaRO Full Client\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.07.25 11:23:41 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.01.31 09:56:33 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.01.31 09:56:33 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.08 18:49:24 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010.10.21 10:45:18 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.10.21 10:45:16 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.10.21 10:45:16 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.09.27 17:42:16 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\akshasp.sys -- (akshasp)
DRV - [2010.09.27 17:42:14 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2010.09.27 17:42:14 | 000,016,384 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aksusb.sys -- (aksusb)
DRV - [2010.05.12 13:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2009.12.07 19:53:18 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.12.20 02:08:28 | 000,030,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2008.10.28 14:30:15 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008.10.06 11:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.07.18 18:23:00 | 007,545,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.07.18 17:05:10 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.06.25 07:05:06 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.05.19 18:23:00 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008.05.05 03:05:00 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.01.16 19:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007.10.19 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.03.28 07:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007.02.16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.01.26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2005.11.16 16:42:48 | 000,045,056 | ---- | M] (InterVideo) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iviVD.sys -- (iviVD)
DRV - [2001.04.09 20:45:00 | 000,008,138 | ---- | M] (Wacom Technology Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\penclass.sys -- (PenClass)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44079
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.13 17:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.01 18:42:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.29 15:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.01 12:12:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\version4\components [2011.06.14 17:04:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\version4\plugins [2012.09.01 12:12:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.13 17:41:53 | 000,000,000 | ---D | M]
 
[2009.01.27 22:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Extensions
[2012.09.02 11:16:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions
[2010.04.30 22:55:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.08.31 23:38:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.07.20 21:43:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.29 21:42:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.08.19 21:09:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(147)
[2010.08.19 21:09:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(148)
[2011.02.17 00:34:07 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Jenny\AppData\Roaming\mozilla\Firefox\Profiles\743hbu9z.default\extensions\tineye@ideeinc.com
[2012.08.28 21:44:50 | 000,001,056 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\743hbu9z.default\searchplugins\icqplugin.xml
[2012.08.29 15:46:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.05.01 00:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\version4\extensions
[2011.05.01 00:11:48 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\version4\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.08.31 23:21:26 | 000,527,328 | ---- | M] () (No name found) -- C:\USERS\JENNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\743HBU9Z.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011.10.29 21:09:53 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\JENNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\743HBU9Z.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012.08.25 04:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin:  (Enabled) = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Foxkeh Theme = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdfmcddmngjdmjmhhpcnbnmnkdhpjhef\0.0.5_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [BambooCore] C:\Programme\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartDGSnetd] C:\Programme\DGS\dgsnetd.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jenny\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [RocketDock] D:\Programme\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Local security authentication server.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: An vorhandenes PDF anfügen - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - D:\Programme\CS3\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\icq\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Programme\icq\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58F6CE43-4FE6-4393-8EC7-B3A4A2B65993}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox - No CLSID value found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.02 22:51:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk I:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.03 13:04:24 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E26D1630-14A1-4254-BCE9-BFDBDD6B6A52}
[2012.09.03 00:48:10 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\FloodLightGames
[2012.09.02 23:09:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{49DBB4BF-B7E6-4B5C-87C2-DC0D3C81C70B}
[2012.09.02 11:09:12 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{31F36D40-0C12-4DA2-8AF2-4CFAD51BD8F9}
[2012.09.01 23:08:56 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{45735C3F-401F-4CC3-B46D-F002431B2F69}
[2012.09.01 11:54:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.01 11:43:46 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.09.01 11:08:36 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B128F32D-7D48-4D9A-80C0-977CA7D2C7C0}
[2012.08.31 23:04:28 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{A36FFF7C-69B7-439D-B515-AF947C1E9647}
[2012.08.31 10:22:05 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E375D325-143A-43A7-A519-61A1C9D500B4}
[2012.08.30 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FC05CAF2-DDD5-4271-B1F1-ABAEE7AEF83A}
[2012.08.30 13:35:32 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\Profiles
[2012.08.30 13:08:30 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\743hbu9z.default
[2012.08.30 10:21:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{75513B9D-D703-4963-86DD-443587B5B92D}
[2012.08.29 15:12:23 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{628E1020-0280-4559-822A-56639F0EC5A1}
[2012.08.28 11:42:12 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{A301DAB2-8D8F-4C17-83DE-F1B635D1426D}
[2012.08.27 18:08:15 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{56ECC2C0-F7FD-4E7D-8129-C97D628F6822}
[2012.08.26 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\Desktop\Neuer Ordner
[2012.08.26 09:17:46 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{F60A620D-CBA8-45CB-818D-3889C6594C09}
[2012.08.25 13:28:04 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1E19FFD3-EF94-40D9-9A1D-12F15A50D8DE}
[2012.08.24 16:47:47 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FC6CED50-E4BE-42D3-B2BD-473B94E3170F}
[2012.08.23 22:51:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{4A4EB1BB-6349-4C66-A3AE-D0BD2F5B4993}
[2012.08.23 10:50:50 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{28FB832A-91CD-48EE-BCF9-8850A31DCF5E}
[2012.08.22 10:15:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{8E8C1E43-278D-43D2-81F2-1B25559C3B0F}
[2012.08.21 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{C4F497D5-AEDD-4AE5-A7C3-4AD7CCC35962}
[2012.08.20 22:52:24 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{DDD14536-F76F-4A3F-966A-DA1B4EB7897B}
[2012.08.20 11:07:46 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.20 11:01:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.20 11:01:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.20 11:01:30 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.20 11:01:30 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.08.20 11:01:30 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.08.20 11:01:29 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.08.20 11:01:29 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.08.20 11:01:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.08.20 11:01:29 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.20 11:01:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.08.20 11:01:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.08.20 11:01:29 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.08.20 11:01:29 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.08.20 11:01:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.08.20 11:01:28 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.20 11:01:28 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.08.20 11:01:28 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.20 11:01:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.08.20 10:52:08 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{33541514-8C76-43D3-A30E-94E8599DC555}
[2012.08.19 19:55:45 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{D727D75B-CA0D-457B-B127-6205A6E544F1}
[2012.08.18 20:46:19 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E68A5A6B-232B-4959-9392-2C2D01D5C5B3}
[2012.08.18 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1ACEAB98-F114-4743-8BA5-6E718CF7F6E0}
[2012.08.17 16:08:34 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{C9D6317B-E179-4DE7-9F60-6FB1A50194E9}
[2012.08.17 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{3E260075-0AC8-411B-8760-2375BC11689B}
[2012.08.16 21:58:17 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{10C3ABE8-0035-4D27-A8C1-0A843606DA31}
[2012.08.16 09:58:00 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{985ABF91-167C-445D-A4DE-E0AB14E9BADD}
[2012.08.16 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{22783D17-7C37-48F8-9B8A-A38FE8D92C1B}
[2012.08.15 18:14:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{9CBD5DCB-6D5F-4055-B4EA-E516E0CC44E8}
[2012.08.15 18:14:28 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{4AC2238A-A41B-4200-B0EF-6113ACCE1FC8}
[2012.08.14 14:24:59 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{9A770879-7A13-4685-9686-525AD1987F36}
[2012.08.14 14:24:55 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{DC85DFCC-0DE1-46EE-96FB-80E1E1D05918}
[2012.08.13 19:48:51 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{8C606F86-FB55-48C5-9AF4-5A60423F5F4E}
[2012.08.13 19:48:47 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{EAB836C9-5D9D-42DB-AE85-EA2192E82A99}
[2012.08.13 07:48:21 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1CA72312-D287-4210-B24F-1EDA7AEB2FBB}
[2012.08.13 07:48:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{ED896EE9-A3AC-43A7-9BE5-FE93E2A2BA25}
[2012.08.12 12:49:36 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{D89DCEFA-1351-4F58-97AE-0203DC3CA376}
[2012.08.12 12:49:31 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{EF1C9239-4DD0-4B34-B9A2-C00972C16096}
[2012.08.11 14:49:06 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E9C74C1F-03D7-4543-A0D7-5F43F4927DF9}
[2012.08.11 14:49:03 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1779E30E-C28C-4838-9B86-46435243D126}
[2012.08.10 17:38:15 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B485E729-89A1-40EC-9D5C-C5BADD87FB24}
[2012.08.10 17:38:11 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{04C0137A-5BF1-4326-BE44-3EA97C5A9687}
[2012.08.09 16:13:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{F08F020C-1F6B-4277-B913-4FEFD912DC1C}
[2012.08.09 16:13:21 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{6538CCE4-5C76-40DB-903C-6F3198ADAB30}
[2012.08.08 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{7A260BEF-FD13-4865-9AA9-C80617C7FF34}
[2012.08.08 16:38:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{58C146BD-AA54-4F15-A340-AC69371FBA87}
[2012.08.07 21:32:48 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.08.07 16:47:09 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{5B2D35CB-0C5A-4952-BE52-5E175C01E43F}
[2012.08.07 16:47:05 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{80C55C10-E0C6-4A1F-9CFD-E19C5B3DCDCF}
[2012.08.06 13:06:59 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{E5ACFDF6-FF99-4258-8BD0-016094979E28}
[2012.08.06 13:06:54 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{FF6E6317-2E4F-4C1B-8D56-9903781CFCD8}
[2012.08.05 15:26:55 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{B851BA96-7EB4-4B17-ACE7-095C724C37B1}
[2012.08.05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{1953354E-6BF2-46E0-BB62-746703108C7A}
[1 C:\Users\Jenny\Documents\*.tmp files -> C:\Users\Jenny\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.03 15:14:20 | 000,130,172 | ---- | M] () -- C:\Users\Jenny\Desktop\serk.jpg
[2012.09.03 14:16:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.09.03 14:07:36 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.03 14:07:36 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.03 13:46:00 | 000,628,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.03 13:46:00 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.03 13:46:00 | 000,126,704 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.03 13:46:00 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.03 10:11:08 | 000,069,885 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.09.03 10:08:00 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.09.03 10:07:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.03 10:07:18 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.03 01:04:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.09.03 01:03:16 | 000,069,885 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.09.01 12:34:30 | 000,008,806 | ---- | M] () -- C:\Users\Jenny\Desktop\cc_20120901_123348.reg
[2012.08.30 14:03:29 | 000,314,008 | ---- | M] () -- C:\Users\Jenny\Desktop\bookmarks.html
[2012.08.30 13:09:57 | 000,121,230 | ---- | M] () -- C:\Users\Jenny\Desktop\bookmarks-2012-08-30.json
[2012.08.29 19:03:09 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.29 19:03:09 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.26 22:09:36 | 000,220,160 | ---- | M] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.23 17:00:27 | 000,000,680 | ---- | M] () -- C:\Users\Jenny\AppData\Local\d3d9caps.dat
[2012.08.21 15:16:29 | 002,543,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.13 10:08:36 | 000,007,962 | ---- | M] () -- C:\cc_20120813_100832.reg
[2012.08.13 09:57:34 | 000,002,299 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\acervcmtmp.ini
[1 C:\Users\Jenny\Documents\*.tmp files -> C:\Users\Jenny\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.03 15:08:55 | 000,130,172 | ---- | C] () -- C:\Users\Jenny\Desktop\serk.jpg
[2012.09.01 12:34:18 | 000,008,806 | ---- | C] () -- C:\Users\Jenny\Desktop\cc_20120901_123348.reg
[2012.09.01 12:12:59 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.08.30 14:03:29 | 000,314,008 | ---- | C] () -- C:\Users\Jenny\Desktop\bookmarks.html
[2012.08.30 13:09:57 | 000,121,230 | ---- | C] () -- C:\Users\Jenny\Desktop\bookmarks-2012-08-30.json
[2012.08.13 10:08:35 | 000,007,962 | ---- | C] () -- C:\cc_20120813_100832.reg
[2011.12.28 22:42:43 | 000,153,936 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.12.26 22:42:10 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2011.12.23 01:03:57 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.12.21 20:27:57 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.12.21 20:27:57 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.12.21 20:27:56 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll
[2011.09.06 22:41:28 | 000,000,314 | ---- | C] () -- C:\Windows\wininit.ini
[2011.07.26 14:35:22 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.06.23 17:31:10 | 000,000,275 | ---- | C] () -- C:\Users\Jenny\AppData\Local\HamsterVideoConverterSettings.cfg
[2011.02.06 15:16:59 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.02.06 15:16:59 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.01.20 23:23:44 | 000,200,704 | ---- | C] () -- C:\Windows\System32\BongoSDK.10.v40.dll
[2011.01.04 10:56:56 | 001,630,700 | ---- | C] () -- C:\Program Files\dgs_install.zip
[2011.01.04 10:56:12 | 000,022,376 | -H-- | C] () -- C:\Users\Jenny\.sw-main934
[2011.01.04 10:56:12 | 000,002,560 | -H-- | C] () -- C:\Users\Jenny\.sw-recents
[2010.09.13 17:31:10 | 000,197,053 | ---- | C] () -- C:\Windows\hpwins27.dat
[2010.08.29 21:36:18 | 000,000,093 | ---- | C] () -- C:\Users\Jenny\AppData\Local\fusioncache.dat
[2009.12.29 03:06:59 | 000,000,680 | ---- | C] () -- C:\Users\Jenny\AppData\Local\d3d9caps.dat
[2009.02.01 13:33:46 | 000,220,160 | ---- | C] () -- C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.30 21:06:56 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.01.27 19:11:27 | 000,002,299 | ---- | C] () -- C:\Users\Jenny\AppData\Roaming\acervcmtmp.ini
[2009.01.27 18:15:05 | 000,069,885 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.27 18:12:48 | 000,069,885 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== LOP Check ==========
 
[2009.02.07 01:05:03 | 000,000,000 | -HSD | M] -- C:\Users\Jenny\AppData\Roaming\.#
[2009.02.17 22:25:49 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Acer
[2008.07.30 04:10:28 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Acer GameZone Console
[2011.10.29 20:40:26 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Atari
[2011.01.30 21:58:04 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Autodesk
[2010.01.30 13:01:10 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Blender Foundation
[2011.12.25 13:04:25 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\com.gugga.radiomini
[2012.07.25 11:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DAEMON Tools Lite
[2012.08.13 09:57:19 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Dropbox
[2011.12.22 01:22:50 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoft
[2011.07.20 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.01.27 18:16:29 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\eSobi
[2012.09.03 00:48:10 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\FloodLightGames
[2011.06.23 23:02:57 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\FreeFLVConverter
[2010.08.25 14:45:53 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\GetRightToGo
[2011.11.06 23:03:06 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\IcoFX
[2011.08.21 00:51:13 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\ICQ
[2009.08.30 16:45:27 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\LG Electronics
[2010.01.29 00:06:56 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Morpheus Software
[2011.10.29 23:24:11 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Mp3tag
[2011.10.29 23:11:33 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\MusicBrainz
[2011.08.13 00:21:35 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Nvu
[2009.10.14 20:36:24 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\OpenOffice.org
[2010.08.22 11:52:58 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\PlayFirst
[2010.04.01 13:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SecondLife
[2009.08.25 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SPORE Creature Creator
[2010.02.04 11:06:57 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\STOIK
[2010.05.10 22:09:07 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\TS3Client
[2010.08.29 21:53:54 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Turbine
[2012.07.24 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\uTorrent
[2011.12.25 11:50:07 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Wacom
[2011.12.25 11:56:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2010.10.08 12:42:01 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Windows Live Writer
[2012.09.03 01:04:44 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:8AB6C1D7

< End of report >
--- --- ---

kira 03.09.2012 15:12
** Lass dein System in der nächste Zeit noch unter Beobachtung!
wenn alles gut verlaufen ist und dein System läuft stabil,mache folgendes:

1.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript - (also beginnend mit :OTL und am Ende [emptytemp]), alles was in der Codebox steht (ohne "code"!) :
Code:
:OTL
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
O4 - Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Local security authentication server.lnk =  File not found
[2012.09.03 14:16:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:8AB6C1D7

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
Zitat:
Achtung Mitleser!:
Jedes einzelne OTL-Script wird individuell auf den Benutzer abgestimmt! Diese Anleitung gilt nur auf dem hier betroffenen Rechner. Anwendung bei anderen Maschinen oder Nutzung von "selbst erstellte Scriptkombination" kann zu ernsthaften Schäden führen!
2.
Programme deinstallieren/entfernen, die wir verwendet haben und nicht brauchst, bis auf:
Code:
CCleaner
- Zeitweise laufen lassen:-> Anleitung

3.
Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

4.
Windows legt beispielsweise regelmäßig Schattenkopien an (mindestens einmal täglich), die im Notfall zur Wiederherstellung des Systems und zum Zugriff auf ältere Dateiversionen dienen. Diese Funktion belegt sehr viel Speicherplatz. Standardmäßig beträgt der für Schattenkopien reservierte Speicherplatz 15 % der Volumegröße, so dass die Systemleistung auch beeinträchtigt wird. Außerdem gelöschte und ev. schädliche Objekte, die in der Systemwiederherstellung sitzen, müssen auch entfernt werden:
Also mach bitte folgendes: also zuerst deaktivieren-> dann aktivieren - also am Ende soll wieder "aktiviert" sein!

5.
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern (man sollte alle 3-4 Monate machen)
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

6.
► Schaue bitte nach, ob für Windows neue Update gibt?!:-> - Microsoft Update hält Ihren Computer auf dem neuesten Stand!
Internet Explorer aktualisieren: - Version 9 ist aktuell!
Du kannst gleich Windows Internet Explorer 9 installieren, um die vorhandene Version von Internet Explorer zu ersetzen:-> Internet Explorer 9
Software wie Betriebssysteme, Browser und E-Mail Clients werden laufend weiterentwickelt. Gleichzeitig arbeiten jedoch auch Hacker daran, ständig neue Sicherheitslücken zu finden und auszunutzen. Was heute noch keine Schlupflücke für Viren und Würmer ist, kann morgen bereits zur Gefahr werden, wenn der entsprechende Schädling programmiert wurde. Das führt dazu, dass es relativ häufig zu Meldungen über neue Sicherheitsanfälligkeiten kommt, auch wenn diese noch nicht durch Hacker entdeckt wurden. Denn selbstverständlich suchen auch Sicherheitsspezialisten nach potenziellen Angriffsmöglichkeiten. Updates der Softwareentwickler sorgen dafür, dass der User immer die aktuellste und sicherste Version des Betriebssystems und der installierten Software nutzen kann.


Lesestoff Nr.1:
Gib Kriminellen Handlungen keine Chance!
Zitat:
Sichere regelmäßig deine Daten (Bilder Musik, Dokumente, Mails (als Textdatei), im Browser Lesezeichen usw) auf CD/DVD, USB-Sticks oder externe Festplatten! Am besten 2x an verschiedenen Orten sichern!
  • Wie erstelle ich ein eingeschränktes Benutzerkonto?
  • Software immer auf dem neuesten Stand halten!:
    ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
  • Firefox - FirefoxWiki/Einstellungen - Erweiterungen für Firefox
  • Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird
    - Unbekannten E-Mail-Anhang NICHT öffnen!
    - Mails besonders mit Anhang, nicht anklicken, sondern als Text oder in Druckversion anzeigen lassen
  • Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
    auch noch hier unter: Sicheres Kennwort (Password)
    Die fünf häufigsten Passwort-Fehler
  • "Never accept software from strangers" - Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
    Du hast die Wahl!, welche zusätzlichen Komponenten noch installiert werden sollen? -> Während der Installation immer mitlesen, Sponsoren und Partnerprogramme, Toolbars oder eventuell noch andere extra angebotene Programme möglichst abwählen!
    so wird oft Art von Adware/Spyware mitinstalliert!
  • NICHT irgendwelche Programme aus dem Netz laden, wenn nicht zu 100% fest steht, dass es sich dabei um saubere Software handelt. Nette Versprechen der Hersteller garantieren noch lange keine einwandfreie Funktionsweise, also vorher blättere die Seiten bei GOOGLE, da kannst Du Dir wertvolle Informationen holen!!!
  • Programme und Treiber:
    Nur vom Hersteller!
  • Onlinebanking:
    Gib deine Passwörter niemals preis!
    Seriöse Bankinstitute, E- Mail- Provider oder Online- Shops versenden grundsätzlich keine E- Mails, in denen Kunden aufgefordert werden, vertrauliche Daten wie Passwörter, Verfügernummer, PINs oder TANs preiszugeben. Bei dieser Art von E- Mails handelt es sich immer um Betrugsversuche, weshalb entsprechende Anfragen nicht beantwortet werden sollten. Sobald der Verdacht auf Betrug entsteht, melde deinen Verdacht der jeweiligen Bank- Hotline.
  • Computer, anderen (Gästen/Freunden) zur Nutzung überlassen überlassen - Nutze nur vertrauenswürdige Computer!
    Vergewissere dich, dass nur Personen deines Vertrauens deinen Computer nutzen oder verwalten und wickel niemals Bankgeschäfte über nicht vertrauenswürdige Computer - beispielsweise aus einem Internetcafé während des Urlaubs - ab
  • Wichtige Daten Regelmäßig sichern! - aber denk daran: dein Hauptsystem ist doch kein Lagerhalle!
  • Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw![/color] - auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
  • Webseiten ohne Gültiges Impressum nicht besuchen
    - Externe Geräte (Festplatte USB-Stick) nicht ständig am PC anschließen, sondern nur kurzfristig während Du etwas sichern möchtest
  • Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
    Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen;)) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörse.
    ► Ausserdem machst Du dich damit strafbar!
  • Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
    Das Installieren von `zuviel` Software beeinträchtigt die Systemleistung und Sicherheit, verlangsamt den Start-Vorgang enorm und belastet den Arbeitsspeicher (weil laufen ja die Programme nebeneinander gleichzeitig, die viel Performance fressen, aber wenig Qualität bringen). Im Laufe der Zeit wird der rechner durch zu viel unnötigen Ballast immer langsamer, und unsicherer. Um so mehr Programme installiert sind, um so häufiger treten Probleme auf, die dann unter Umständen nur schwer lösen können. Dazu kommt noch, das einige Programme große Sicherheitsrisiken mit sich bringen;)
  • Virenscanner
  • BSI für Bürger
  • SETI@home - [Sicherheit] Sicherheitskonzept

** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !!
Zitat:
Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen - Die auf dem Speichermedium gesicherten Daten sollten auch mit einbezogen werden!
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -
Lesestoff Nr.2:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:wünsch Dir alles Gute:)

Wenn Du uns unterstützen möchtest→ Spendekonto

gruß
kira

Linya 04.09.2012 10:17
Ganz lieben Dank für die Hilfe :bussi:

Scheint alles stabil zu laufen.

Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Local security authentication server.lnk moved successfully.
C:\Windows\Tasks\Google Software Updater.job moved successfully.
ADS C:\ProgramData\Temp:8AB6C1D7 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Jenny\Desktop\Programme\cmd.bat deleted successfully.
C:\Users\Jenny\Desktop\Programme\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Jenny
->Temp folder emptied: 733778 bytes
->Temporary Internet Files folder emptied: 18672230 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 56133248 bytes
->Google Chrome cache emptied: 27823791 bytes
->Flash cache emptied: 58385 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8526847 bytes
RecycleBin emptied: 4092242 bytes
 
Total Files Cleaned = 111,00 mb
 
 
OTL by OldTimer - Version 3.2.59.1 log created on 09042012_103805

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:36 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131