Hallo,
hier die Logs von Antivir:
Erster Suchlauf mit Fund: Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 14. September 2012 17:01
Es wird nach 4209652 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : ***
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : ***
Versionsinformationen:
BUILD.DAT : 12.0.0.1125 41829 Bytes 02.05.2012 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 12.05.2012 10:42:27
AVSCAN.DLL : 12.3.0.15 66256 Bytes 12.05.2012 10:42:27
LUKE.DLL : 12.3.0.15 68304 Bytes 12.05.2012 10:42:28
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 12.05.2012 10:34:45
AVREG.DLL : 12.3.0.17 232200 Bytes 12.05.2012 10:34:41
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 20:30:15
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 17:16:36
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 14:35:51
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 08:55:56
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 07:31:42
VBASE007.VDF : 7.11.41.251 2048 Bytes 06.09.2012 07:31:42
VBASE008.VDF : 7.11.41.252 2048 Bytes 06.09.2012 07:31:42
VBASE009.VDF : 7.11.41.253 2048 Bytes 06.09.2012 07:31:42
VBASE010.VDF : 7.11.41.254 2048 Bytes 06.09.2012 07:31:42
VBASE011.VDF : 7.11.41.255 2048 Bytes 06.09.2012 07:31:42
VBASE012.VDF : 7.11.42.0 2048 Bytes 06.09.2012 07:31:42
VBASE013.VDF : 7.11.42.1 2048 Bytes 06.09.2012 07:31:42
VBASE014.VDF : 7.11.42.65 203264 Bytes 09.09.2012 07:31:42
VBASE015.VDF : 7.11.42.125 156672 Bytes 11.09.2012 07:31:43
VBASE016.VDF : 7.11.42.171 187904 Bytes 12.09.2012 07:31:43
VBASE017.VDF : 7.11.42.172 2048 Bytes 12.09.2012 07:31:43
VBASE018.VDF : 7.11.42.173 2048 Bytes 12.09.2012 07:31:43
VBASE019.VDF : 7.11.42.174 2048 Bytes 12.09.2012 07:31:43
VBASE020.VDF : 7.11.42.175 2048 Bytes 12.09.2012 07:31:43
VBASE021.VDF : 7.11.42.176 2048 Bytes 12.09.2012 07:31:43
VBASE022.VDF : 7.11.42.177 2048 Bytes 12.09.2012 07:31:43
VBASE023.VDF : 7.11.42.178 2048 Bytes 12.09.2012 07:31:43
VBASE024.VDF : 7.11.42.179 2048 Bytes 12.09.2012 07:31:43
VBASE025.VDF : 7.11.42.180 2048 Bytes 12.09.2012 07:31:43
VBASE026.VDF : 7.11.42.181 2048 Bytes 12.09.2012 07:31:43
VBASE027.VDF : 7.11.42.182 2048 Bytes 12.09.2012 07:31:43
VBASE028.VDF : 7.11.42.183 2048 Bytes 12.09.2012 07:31:43
VBASE029.VDF : 7.11.42.184 2048 Bytes 12.09.2012 07:31:44
VBASE030.VDF : 7.11.42.185 2048 Bytes 12.09.2012 07:31:44
VBASE031.VDF : 7.11.42.214 77312 Bytes 13.09.2012 07:31:44
Engineversion : 8.2.10.158
AEVDF.DLL : 8.1.2.10 102772 Bytes 08.08.2012 12:42:51
AESCRIPT.DLL : 8.1.4.48 459130 Bytes 13.09.2012 07:31:47
AESCN.DLL : 8.1.8.2 131444 Bytes 27.01.2012 16:09:40
AESBX.DLL : 8.2.5.12 606578 Bytes 20.06.2012 07:31:45
AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 21:16:06
AEPACK.DLL : 8.3.0.34 811383 Bytes 13.09.2012 07:31:47
AEOFFICE.DLL : 8.1.2.42 201083 Bytes 08.08.2012 12:42:50
AEHEUR.DLL : 8.1.4.96 5267830 Bytes 13.09.2012 07:31:46
AEHELP.DLL : 8.1.23.2 258422 Bytes 29.06.2012 09:23:17
AEGEN.DLL : 8.1.5.36 434549 Bytes 24.08.2012 07:31:38
AEEXP.DLL : 8.1.0.86 90484 Bytes 13.09.2012 07:31:47
AEEMU.DLL : 8.1.3.2 393587 Bytes 08.08.2012 12:42:48
AECORE.DLL : 8.1.27.4 201078 Bytes 08.08.2012 12:42:47
AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 21:46:01
AVWINLL.DLL : 12.3.0.15 27344 Bytes 12.05.2012 10:42:27
AVPREF.DLL : 12.3.0.15 51920 Bytes 12.05.2012 10:42:27
AVREP.DLL : 12.3.0.15 179208 Bytes 12.05.2012 10:34:44
AVARKT.DLL : 12.3.0.15 211408 Bytes 12.05.2012 10:42:27
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 12.05.2012 10:42:27
SQLITE3.DLL : 3.7.0.1 398288 Bytes 12.05.2012 10:42:28
AVSMTP.DLL : 12.3.0.15 63440 Bytes 12.05.2012 10:42:27
NETNT.DLL : 12.3.0.15 17104 Bytes 12.05.2012 10:42:28
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 12.05.2012 10:42:27
RCTEXT.DLL : 12.3.0.15 98512 Bytes 12.05.2012 10:42:27
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_5052e388\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig
Beginn des Suchlaufs: Freitag, 14. September 2012 17:01
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Setup.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_4_402_265.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_4_402_265.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Traktor.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWinSec.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PsiService_2.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'eEBSVC.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\Users\***\Desktop\AutoCad\support\CADManager\Program Files\Autodesk\CAD Manager Tools\AdPMXML.dll'
C:\Users\***\Desktop\AutoCad\support\CADManager\Program Files\Autodesk\CAD Manager Tools\AdPMXML.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Banker.Gen
Beginne mit der Desinfektion:
C:\Users\***\Desktop\AutoCad\support\CADManager\Program Files\Autodesk\CAD Manager Tools\AdPMXML.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Banker.Gen
[WARNUNG] Die Datei wurde ignoriert.
Ende des Suchlaufs: Freitag, 14. September 2012 17:03
Benötigte Zeit: 00:00 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
0 Verzeichnisse wurden überprüft
17 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
16 Dateien ohne Befall
0 Archive wurden durchsucht
1 Warnungen
0 Hinweise
Die Suchergebnisse werden an den Guard übermittelt.
Zweiter Fund: Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 14. September 2012 17:05
Es wird nach 4209652 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : ***
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : ***
Computername : ***
Versionsinformationen:
BUILD.DAT : 12.0.0.1125 Bytes 02.05.2012 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 12.05.2012 10:42:27
AVSCAN.DLL : 12.3.0.15 66256 Bytes 12.05.2012 10:42:27
LUKE.DLL : 12.3.0.15 68304 Bytes 12.05.2012 10:42:28
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 12.05.2012 10:34:45
AVREG.DLL : 12.3.0.17 232200 Bytes 12.05.2012 10:34:41
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 20:30:15
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 17:16:36
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 14:35:51
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 08:55:56
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 07:31:42
VBASE007.VDF : 7.11.41.251 2048 Bytes 06.09.2012 07:31:42
VBASE008.VDF : 7.11.41.252 2048 Bytes 06.09.2012 07:31:42
VBASE009.VDF : 7.11.41.253 2048 Bytes 06.09.2012 07:31:42
VBASE010.VDF : 7.11.41.254 2048 Bytes 06.09.2012 07:31:42
VBASE011.VDF : 7.11.41.255 2048 Bytes 06.09.2012 07:31:42
VBASE012.VDF : 7.11.42.0 2048 Bytes 06.09.2012 07:31:42
VBASE013.VDF : 7.11.42.1 2048 Bytes 06.09.2012 07:31:42
VBASE014.VDF : 7.11.42.65 203264 Bytes 09.09.2012 07:31:42
VBASE015.VDF : 7.11.42.125 156672 Bytes 11.09.2012 07:31:43
VBASE016.VDF : 7.11.42.171 187904 Bytes 12.09.2012 07:31:43
VBASE017.VDF : 7.11.42.172 2048 Bytes 12.09.2012 07:31:43
VBASE018.VDF : 7.11.42.173 2048 Bytes 12.09.2012 07:31:43
VBASE019.VDF : 7.11.42.174 2048 Bytes 12.09.2012 07:31:43
VBASE020.VDF : 7.11.42.175 2048 Bytes 12.09.2012 07:31:43
VBASE021.VDF : 7.11.42.176 2048 Bytes 12.09.2012 07:31:43
VBASE022.VDF : 7.11.42.177 2048 Bytes 12.09.2012 07:31:43
VBASE023.VDF : 7.11.42.178 2048 Bytes 12.09.2012 07:31:43
VBASE024.VDF : 7.11.42.179 2048 Bytes 12.09.2012 07:31:43
VBASE025.VDF : 7.11.42.180 2048 Bytes 12.09.2012 07:31:43
VBASE026.VDF : 7.11.42.181 2048 Bytes 12.09.2012 07:31:43
VBASE027.VDF : 7.11.42.182 2048 Bytes 12.09.2012 07:31:43
VBASE028.VDF : 7.11.42.183 2048 Bytes 12.09.2012 07:31:43
VBASE029.VDF : 7.11.42.184 2048 Bytes 12.09.2012 07:31:44
VBASE030.VDF : 7.11.42.185 2048 Bytes 12.09.2012 07:31:44
VBASE031.VDF : 7.11.42.214 77312 Bytes 13.09.2012 07:31:44
Engineversion : 8.2.10.158
AEVDF.DLL : 8.1.2.10 102772 Bytes 08.08.2012 12:42:51
AESCRIPT.DLL : 8.1.4.48 459130 Bytes 13.09.2012 07:31:47
AESCN.DLL : 8.1.8.2 131444 Bytes 27.01.2012 16:09:40
AESBX.DLL : 8.2.5.12 606578 Bytes 20.06.2012 07:31:45
AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 21:16:06
AEPACK.DLL : 8.3.0.34 811383 Bytes 13.09.2012 07:31:47
AEOFFICE.DLL : 8.1.2.42 201083 Bytes 08.08.2012 12:42:50
AEHEUR.DLL : 8.1.4.96 5267830 Bytes 13.09.2012 07:31:46
AEHELP.DLL : 8.1.23.2 258422 Bytes 29.06.2012 09:23:17
AEGEN.DLL : 8.1.5.36 434549 Bytes 24.08.2012 07:31:38
AEEXP.DLL : 8.1.0.86 90484 Bytes 13.09.2012 07:31:47
AEEMU.DLL : 8.1.3.2 393587 Bytes 08.08.2012 12:42:48
AECORE.DLL : 8.1.27.4 201078 Bytes 08.08.2012 12:42:47
AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 21:46:01
AVWINLL.DLL : 12.3.0.15 27344 Bytes 12.05.2012 10:42:27
AVPREF.DLL : 12.3.0.15 51920 Bytes 12.05.2012 10:42:27
AVREP.DLL : 12.3.0.15 179208 Bytes 12.05.2012 10:34:44
AVARKT.DLL : 12.3.0.15 211408 Bytes 12.05.2012 10:42:27
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 12.05.2012 10:42:27
SQLITE3.DLL : 3.7.0.1 398288 Bytes 12.05.2012 10:42:28
AVSMTP.DLL : 12.3.0.15 63440 Bytes 12.05.2012 10:42:27
NETNT.DLL : 12.3.0.15 17104 Bytes 12.05.2012 10:42:28
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 12.05.2012 10:42:27
RCTEXT.DLL : 12.3.0.15 98512 Bytes 12.05.2012 10:42:27
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: ShlExt
Konfigurationsdatei...................: C:\Users\***\AppData\Local\Temp\01e399c1.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: aus
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Freitag, 14. September 2012 17:05
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\Users\***\Desktop\AutoCad'
C:\Users\***\Desktop\AutoCad\support\CADManager\Program Files\Autodesk\CAD Manager Tools\AdPMXML.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Banker.Gen
Beginne mit der Desinfektion:
C:\Users\***\Desktop\AutoCad\support\CADManager\Program Files\Autodesk\CAD Manager Tools\AdPMXML.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Banker.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5696e5ae.qua' verschoben!
Ende des Suchlaufs: Freitag, 14. September 2012 17:07
Benötigte Zeit: 00:49 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
157 Verzeichnisse wurden überprüft
39329 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
39328 Dateien ohne Befall
74 Archive wurden durchsucht
0 Warnungen
1 Hinweise
Und der dritte und damit auch letzte: Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 14. September 2012 18:36
Es wird nach 4217448 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : ***
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : ***
Computername : ***
Versionsinformationen:
BUILD.DAT : 12.0.0.1125 41829 Bytes 02.05.2012 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 12.05.2012 10:42:27
AVSCAN.DLL : 12.3.0.15 66256 Bytes 12.05.2012 10:42:27
LUKE.DLL : 12.3.0.15 68304 Bytes 12.05.2012 10:42:28
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 12.05.2012 10:34:45
AVREG.DLL : 12.3.0.17 232200 Bytes 12.05.2012 10:34:41
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 20:30:15
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 17:16:36
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 14:35:51
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 08:55:56
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 07:31:42
VBASE007.VDF : 7.11.41.251 2048 Bytes 06.09.2012 07:31:42
VBASE008.VDF : 7.11.41.252 2048 Bytes 06.09.2012 07:31:42
VBASE009.VDF : 7.11.41.253 2048 Bytes 06.09.2012 07:31:42
VBASE010.VDF : 7.11.41.254 2048 Bytes 06.09.2012 07:31:42
VBASE011.VDF : 7.11.41.255 2048 Bytes 06.09.2012 07:31:42
VBASE012.VDF : 7.11.42.0 2048 Bytes 06.09.2012 07:31:42
VBASE013.VDF : 7.11.42.1 2048 Bytes 06.09.2012 07:31:42
VBASE014.VDF : 7.11.42.65 203264 Bytes 09.09.2012 07:31:42
VBASE015.VDF : 7.11.42.125 156672 Bytes 11.09.2012 07:31:43
VBASE016.VDF : 7.11.42.171 187904 Bytes 12.09.2012 07:31:43
VBASE017.VDF : 7.11.42.235 141312 Bytes 13.09.2012 15:15:54
VBASE018.VDF : 7.11.42.236 2048 Bytes 13.09.2012 15:15:54
VBASE019.VDF : 7.11.42.237 2048 Bytes 13.09.2012 15:15:55
VBASE020.VDF : 7.11.42.238 2048 Bytes 13.09.2012 15:15:55
VBASE021.VDF : 7.11.42.239 2048 Bytes 13.09.2012 15:15:55
VBASE022.VDF : 7.11.42.240 2048 Bytes 13.09.2012 15:15:55
VBASE023.VDF : 7.11.42.241 2048 Bytes 13.09.2012 15:15:55
VBASE024.VDF : 7.11.42.242 2048 Bytes 13.09.2012 15:15:55
VBASE025.VDF : 7.11.42.243 2048 Bytes 13.09.2012 15:15:55
VBASE026.VDF : 7.11.42.244 2048 Bytes 13.09.2012 15:15:55
VBASE027.VDF : 7.11.42.245 2048 Bytes 13.09.2012 15:15:55
VBASE028.VDF : 7.11.42.246 2048 Bytes 13.09.2012 15:15:55
VBASE029.VDF : 7.11.42.247 2048 Bytes 13.09.2012 15:15:55
VBASE030.VDF : 7.11.42.248 2048 Bytes 13.09.2012 15:15:55
VBASE031.VDF : 7.11.43.20 64512 Bytes 14.09.2012 15:15:55
Engineversion : 8.2.10.162
AEVDF.DLL : 8.1.2.10 102772 Bytes 08.08.2012 12:42:51
AESCRIPT.DLL : 8.1.4.52 459131 Bytes 14.09.2012 15:15:58
AESCN.DLL : 8.1.8.2 131444 Bytes 27.01.2012 16:09:40
AESBX.DLL : 8.2.5.12 606578 Bytes 20.06.2012 07:31:45
AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 21:16:06
AEPACK.DLL : 8.3.0.36 811382 Bytes 14.09.2012 15:15:58
AEOFFICE.DLL : 8.1.2.42 201083 Bytes 08.08.2012 12:42:50
AEHEUR.DLL : 8.1.4.100 5280120 Bytes 14.09.2012 15:15:57
AEHELP.DLL : 8.1.23.2 258422 Bytes 29.06.2012 09:23:17
AEGEN.DLL : 8.1.5.36 434549 Bytes 24.08.2012 07:31:38
AEEXP.DLL : 8.1.0.86 90484 Bytes 13.09.2012 07:31:47
AEEMU.DLL : 8.1.3.2 393587 Bytes 08.08.2012 12:42:48
AECORE.DLL : 8.1.27.4 201078 Bytes 08.08.2012 12:42:47
AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 21:46:01
AVWINLL.DLL : 12.3.0.15 27344 Bytes 12.05.2012 10:42:27
AVPREF.DLL : 12.3.0.15 51920 Bytes 12.05.2012 10:42:27
AVREP.DLL : 12.3.0.15 179208 Bytes 12.05.2012 10:34:44
AVARKT.DLL : 12.3.0.15 211408 Bytes 12.05.2012 10:42:27
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 12.05.2012 10:42:27
SQLITE3.DLL : 3.7.0.1 398288 Bytes 12.05.2012 10:42:28
AVSMTP.DLL : 12.3.0.15 63440 Bytes 12.05.2012 10:42:27
NETNT.DLL : 12.3.0.15 17104 Bytes 12.05.2012 10:42:28
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 12.05.2012 10:42:27
RCTEXT.DLL : 12.3.0.15 98512 Bytes 12.05.2012 10:42:27
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Suche nach Rootkits und aktiver Malware
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\rootkit.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig
Beginn des Suchlaufs: Freitag, 14. September 2012 18:36
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmplayer.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'Traktor.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWinSec.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'PsiService_2.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'eEBSVC.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '42' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3374' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:' <Boot>
C:\$RECYCLE.BIN\S-1-5-21-3287205929-1968251382-2339449275-1006\$RVBD2B0.zip
[WARNUNG] Mögliche Archivbombe: die Maximale Entpackgrösse wurde überschritten.
C:\Program Files\Auto_CAD_2006\AutoCAD2006.rar
[0] Archivtyp: RAR
--> AutoCAD2006\support\CADManager\Program Files\Autodesk\CAD Manager Tools\AdPMXML.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Banker.Gen
C:\Program Files (x86)\WinRAR\rarnew.dat
[WARNUNG] Das Archiv ist unbekannt oder defekt
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs.CAB
[WARNUNG] Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt (multiple volume)
C:\ProgramData\Microsoft\WLSetup\CabLogs\Logs2.CAB
[WARNUNG] Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt (multiple volume)
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2540Z59D\OOo_3.3.0_Win_x86_install-wJRE_de[1].exe
[WARNUNG] Unerwartetes Dateiende erreicht
Beginne mit der Desinfektion:
C:\Program Files\Auto_CAD_2006\AutoCAD2006.rar
[FUND] Ist das Trojanische Pferd TR/Spy.Banker.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '57b0d615.qua' verschoben!
Ende des Suchlaufs: Freitag, 14. September 2012 20:04
Benötigte Zeit: 1:27:59 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
41121 Verzeichnisse wurden überprüft
783017 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
783016 Dateien ohne Befall
18327 Archive wurden durchsucht
5 Warnungen
1 Hinweise
871672 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
Und noch ein aktueller OTL Log:***
OTL Logfile: Code:
OTL logfile created on: 17.09.2012 17:12:27 - Run 5
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,49 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 53,48% Memory free
6,98 Gb Paging File | 5,36 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 890,41 Gb Total Space | 814,81 Gb Free Space | 91,51% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 12,88 Gb Free Space | 32,21% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Christian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (a2djavs) -- C:\Windows\SysNative\drivers\a2djavs.sys (Native Instruments GmbH)
DRV:64bit: - (a2djusb_svc) -- C:\Windows\SysNative\drivers\a2djusb.sys (Native Instruments GmbH)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\..\SearchScopes,DefaultScope = {E4A79384-057F-4A7F-8EA0-2F55358BE7B2}
IE - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\..\SearchScopes\{E4A79384-057F-4A7F-8EA0-2F55358BE7B2}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393
IE - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.127.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
[2011.10.03 16:02:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.07.25 18:39:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\yjlq9d5x.default\extensions
[2011.11.27 14:05:29 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\yjlq9d5x.default\extensions\battlefieldheroespatcher@ea.com
[2012.07.25 18:39:52 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\yjlq9d5x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
O1 HOSTS File: ([2012.05.05 19:04:15 | 000,442,891 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15215 more lines...
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:64bit: - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3287205929-1968251382-2339449275-1006..\Run: [Epson Stylus SX620FW(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBE.EXE /FU "C:\Users\CHRIST~1\AppData\Local\Temp\E_S2230.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E402F878-83D6-4346-B616-4923CEF8C0AC}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bonus.screenshotreader.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27:64bit: - HKLM IFEO\dspreadme.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27:64bit: - HKLM IFEO\eprojmanager.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27:64bit: - HKLM IFEO\fufaxcnt.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27:64bit: - HKLM IFEO\isoviewer.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27:64bit: - HKLM IFEO\Power2Go.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27:64bit: - HKLM IFEO\power2goexpress.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27:64bit: - HKLM IFEO\sprint.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\bonus.screenshotreader.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\dspreadme.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\eprojmanager.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\fufaxcnt.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\isoviewer.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\Power2Go.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\power2goexpress.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\sprint.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (ʁ)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.16 17:40:49 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.09.15 13:08:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{16A4449A-CBCB-4224-BD15-6A3245D5BC4C}
[2012.09.14 17:15:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Diagnostics
[2012.09.14 16:57:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\WinRAR
[2012.09.14 16:57:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.14 16:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.14 16:57:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.09.13 09:10:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{BF722B94-3AB1-43A9-B130-C264553459B1}
[2012.09.12 21:09:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{26107EE2-8DD5-40E9-89CB-4F4FC592C962}
[2012.09.12 10:59:41 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.12 10:59:41 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.12 10:59:40 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.12 10:59:40 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.10 20:29:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{C1729003-CCCD-47F7-AC26-BC4FF716282E}
[2012.09.09 14:36:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{A300A8DB-52AE-4715-BB4D-DE728661F6C6}
[2012.09.06 15:32:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{5FCE7F01-B9E8-46B6-9AF7-38C8AB37B473}
[2012.09.04 17:55:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{3557B9A6-49EA-4924-AD98-FE79459D9E6B}
[2012.09.04 17:52:14 | 042,356,040 | ---- | C] (Native Instruments Software Synthesis GmbH) -- C:\Users\Christian\Desktop\Traktor.exe
[2012.09.03 20:32:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{F0F4392A-0E28-4C1A-97AB-A8D3D176557C}
[2012.09.03 19:13:50 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Native Instruments
[2012.09.03 18:55:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\{319ED009-B56A-47C2-A1CA-7E991F389039}
[2012.09.03 18:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2012.09.03 18:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2012.09.03 18:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2012.09.03 16:16:48 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop\Neuer Ordner (2)
[2012.09.03 16:03:39 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2012.08.27 19:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CadStd
[2012.08.27 19:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apperson
[2012.08.27 19:29:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\FreeCAD
[2012.08.27 19:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.12
[2012.08.27 19:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeCAD0.12
[2012.08.27 19:25:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{2EF87A52-16FE-4AE8-ACA5-50438853DE7C}
[2012.08.26 13:54:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{DB7CC0A8-2B58-406D-97C0-11622F74A15E}
[2012.08.24 16:39:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{54D7604F-2CAA-4686-8E54-50B275F0551F}
[2012.08.23 16:07:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{A33B1A95-7E04-4F6E-9513-8366AE5B6610}
[2012.08.21 20:07:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{FE71B6D1-7C68-4AAD-BD89-95C5BF6B4963}
[2012.08.20 17:29:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{430FF61B-35E3-4C9C-96FA-E9A425D9F665}
[2012.08.18 17:52:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{67D5D8ED-F761-4694-B3B9-7E725A9EA101}
[2012.08.18 17:52:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{9FA23649-1286-4FFC-9B42-5FEB7A1EB01B}
[2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Program Files (x86)\CDRip.dll
[2007.01.18 21:09:53 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Program Files (x86)\No23 Recorder.exe
[2006.12.11 19:13:12 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Program Files (x86)\basscd.dll
[2006.12.11 19:13:11 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Program Files (x86)\bass.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.17 16:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.17 07:58:54 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.17 07:58:54 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.17 07:51:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.17 07:51:23 | 2812,383,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.16 17:40:51 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.09.15 18:54:31 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.09.15 18:53:21 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2012.09.15 12:56:17 | 001,540,102 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.15 12:56:17 | 000,673,440 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.15 12:56:17 | 000,624,336 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.15 12:56:17 | 000,136,986 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.15 12:56:17 | 000,112,326 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.14 18:03:55 | 000,001,484 | ---- | M] () -- C:\Program Files (x86)\RecConfig.xml
[2012.09.09 14:54:20 | 000,010,720 | ---- | M] () -- C:\Users\***\Desktop\Ausgaben2.ods
[2012.09.08 22:49:24 | 000,052,233 | ---- | M] () -- C:\Users\***\Desktop\duplex_tabelle_2.jpg
[2012.09.08 18:11:01 | 000,189,258 | ---- | M] () -- C:\Users\***\Desktop\20023_halter_jbp_002.jpg
[2012.09.03 20:50:25 | 000,161,439 | ---- | M] () -- C:\Users\***\Desktop\X1-SPREMBERGKRUGSTANDARD.tsi
[2012.09.03 19:15:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_a2djusb_01009.Wdf
[2012.08.27 19:54:32 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\CadStd.lnk
[2012.08.24 16:36:31 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.24 16:36:31 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.22 20:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.08.22 20:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.08.20 17:34:14 | 000,253,924 | ---- | M] () -- C:\Users\***\Desktop\1280_3239333266393163.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.15 18:54:31 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.09.15 18:53:20 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2012.09.14 18:03:55 | 000,001,484 | ---- | C] () -- C:\Program Files (x86)\RecConfig.xml
[2012.09.08 22:49:23 | 000,052,233 | ---- | C] () -- C:\Users\***\Desktop\duplex_tabelle_2.jpg
[2012.09.08 18:10:54 | 000,189,258 | ---- | C] () -- C:\Users\***\Desktop\20023_halter_jbp_002.jpg
[2012.09.03 20:50:24 | 000,161,439 | ---- | C] () -- C:\Users\***\Desktop\X1-SPREMBERGKRUGSTANDARD.tsi
[2012.09.03 19:15:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_a2djusb_01009.Wdf
[2012.08.27 19:54:32 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\CadStd.lnk
[2012.08.20 17:34:12 | 000,253,924 | ---- | C] () -- C:\Users\***\Desktop\1280_3239333266393163.jpg
[2012.04.23 17:46:41 | 000,007,602 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.04.07 12:55:44 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.01.22 16:01:59 | 000,000,089 | ---- | C] () -- C:\Users\Christian\AppData\Local\msmathematics.qat.Christian
[2011.11.27 14:21:32 | 000,270,240 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.11.27 14:21:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.07.08 08:37:28 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.06.28 20:26:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.27 23:01:38 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Program Files (x86)\lame_enc.dll
[2005.08.23 22:34:05 | 000,029,184 | ---- | C] () -- C:\Program Files (x86)\no23xwrapper.dll
[2005.03.25 19:14:24 | 001,015,808 | ---- | C] () -- C:\Program Files (x86)\vorbisenc.dll
[2005.03.25 19:13:50 | 000,077,824 | ---- | C] () -- C:\Program Files (x86)\vorbisfile.dll
[2005.03.25 19:13:32 | 001,163,264 | ---- | C] () -- C:\Program Files (x86)\vorbis.dll
[2005.03.25 19:09:38 | 000,057,344 | ---- | C] () -- C:\Program Files (x86)\ogg.dll
========== LOP Check ==========
[2011.11.22 20:41:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ableton
[2011.10.03 16:01:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Epson
[2012.08.27 19:29:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeCAD
[2011.10.16 15:28:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.10.23 14:16:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2011.10.24 17:39:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2011.10.25 13:38:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Epson
[2011.09.30 12:02:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.10.22 16:59:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2011.10.28 17:56:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2012.08.25 19:16:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Epson
[2011.10.11 10:38:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.10.22 20:50:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2012.06.21 16:29:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2012.05.05 15:01:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ableton
[2012.03.27 10:23:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avery
[2011.09.30 13:12:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Epson
[2011.10.19 10:38:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.10.25 10:15:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2011.10.18 10:29:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2012.06.19 11:10:01 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report > --- --- ---
Und die Extras:
OTL Logfile: Code:
OTL Extras logfile created on: 17.09.2012 17:12:27 - Run 5
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,49 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 53,48% Memory free
6,98 Gb Paging File | 5,36 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 890,41 Gb Total Space | 814,81 Gb Free Space | 91,51% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 12,88 Gb Free Space | 32,21% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-3287205929-1968251382-2339449275-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0897A024-C939-43E1-8FBC-7B133AD044F4}" = lport=139 | protocol=6 | dir=in | app=system |
"{189D059C-638B-4EE5-992E-E02991C20513}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C020665-A438-4ABB-9773-045AA640B1CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{36FC5547-639D-4989-A6EF-2306CD2E51D7}" = rport=139 | protocol=6 | dir=out | app=system |
"{408EE2D0-62D6-48C1-BCCA-D800119607CD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41F238D7-6F46-4493-9809-A44702E1999F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5888A49E-5309-4FEB-88FF-D489F1BC94BF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{619009A8-133A-4447-B825-801C0A5010E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{64B4D7F5-E0A8-43FF-BB1F-5B76302A206F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6B4664B4-D0DE-435E-9B17-91A1BA844196}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{83A7B532-4A8C-4918-B91B-56FFB8586E94}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8856DD31-45F8-4A9A-8FDF-76CDF35704C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8A23438C-3E1F-426F-9E05-225B146A29BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A26F5FF1-3EC4-4780-A5C5-249AA95099AF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A610651F-E00C-455D-9F4E-46FDF15A92D8}" = rport=138 | protocol=17 | dir=out | app=system |
"{B2C4528B-497E-41E6-9975-D859A07175C3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B9F3473E-66B5-4C14-B1AF-84E4F888E2EF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BA4B1090-5D43-469D-8640-2E6E558FD95D}" = rport=137 | protocol=17 | dir=out | app=system |
"{CE94B2D2-CBD8-478F-803F-39CDD6F36B60}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CFC87E19-5D98-47F4-B539-D8FBDA2365E4}" = rport=445 | protocol=6 | dir=out | app=system |
"{D57666EB-D2FE-4884-AE44-60BC98DA2964}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D8F244EB-54FE-4DEA-B41A-34B7A6FD0999}" = lport=445 | protocol=6 | dir=in | app=system |
"{E691DDF2-B2E6-4E14-86E6-58BC177E8BA1}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00835C0A-F9FA-4EFD-8896-A9CCC0A975AB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C69C506-D83D-4A67-808A-73036C560AEF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{14924065-090C-4339-8BF5-0966317D1709}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{16207F27-E370-4AFD-A963-EEA943D13737}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{21FCBD23-F07B-4E9F-B7F2-45A6F2BF3838}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2DF7FF6D-99A9-499B-8D75-25FD430BA108}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30C5A64E-D09B-4AF9-B031-411DD93EC596}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{454D045A-0094-49E7-95FE-ED573A023E78}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4ED45014-D1EB-439D-B562-FEE7E1451BF8}" = protocol=6 | dir=out | app=system |
"{5127B4AD-8ED4-4FF0-A965-F13D1211F996}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{554412FB-433C-4D44-AB52-41C165D54F1E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59F219B8-7462-46C9-8E55-0EE5FBFF2C2E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5E61172D-FEA0-42BF-8B4D-3ADE2D806FD2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6B64C18B-9DBA-4393-8412-8F9D1AE5B905}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7078BA39-7702-4977-808B-F380D6A8ABEC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91B82021-A21D-4AB9-BFBE-2298E8B00BD6}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{A2589D29-8012-49E4-8495-C62EA853390D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A5D02DFB-D2D3-476D-B3BF-42996628F632}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{ACCB7DE2-2E62-40E8-8686-0436E5782A1F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BFDCE2E2-58C0-4FFD-AF6F-DBD7B4199378}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7767280-36D0-466F-AF75-0F235601C0AA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB8A52B0-A599-4BA0-848A-EFDD023865B7}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{F0C14895-5F98-4CC8-BF32-072308153EA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F8BA434F-3751-4264-BB64-81A691281D5C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"TCP Query User{A841A9CA-8A2B-4079-AB90-49613A3D7207}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{C5B887A0-9FE6-4342-B293-147320A9D0E0}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{3BFAF653-4B91-2C87-82FE-DAF4C0F7BF18}" = AMD Drag and Drop Transcoding
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8836C1BC-29E8-6A94-9D8F-F2D5FDC6F865}" = ATI AVIVO64 Codecs
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{9184BC0D-EC76-3910-E813-BFC3ED0DBCB1}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B72CAB06-4420-F4D1-AFBB-AF9093D3D237}" = ATI Catalyst Install Manager
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E0DF4F3F-629F-B9E2-C80C-CBA0A0305537}" = AMD Media Foundation Decoders
"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-Bit)
"{EE483CF3-AE65-E262-268A-493B8A91D920}" = AMD Fuel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"EPSON SX620FW Series" = Druckerdeinstallation für EPSON SX620FW Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0565E7DD-8930-8F67-9D25-5D1DCC033DF0}" = CCC Help Swedish
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{109D0519-2F01-0D66-C43A-55BFEDEDF2DD}" = CCC Help Danish
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{1571CDD5-B5BC-94E9-A745-D3E3A215316C}" = CCC Help Spanish
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{298BE2A8-908F-C904-20E7-C13CD1CBB44A}" = CCC Help English
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69143066-1887-30B9-CBC4-BF91626AB643}" = CCC Help Japanese
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{81ABC4A0-DE63-11DE-8A39-0800200C9A66}" = FreeCAD 0.12
"{81FC1973-09F4-8ADE-0CC5-9FBEF8B7E064}" = CCC Help German
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw
"{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E5E0BB7-2604-72C4-EB4F-FDE56037CA73}" = CCC Help Dutch
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{98ACB7E6-3FEA-A8DD-832B-D1F540811E1D}" = Catalyst Control Center InstallProxy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A68B8A41-A5D1-DC7E-B496-F90F4DA45D0C}" = CCC Help French
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC726FD7-1766-F446-EF0A-7C988A5F7755}" = CCC Help Italian
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B525C699-B111-377C-857A-4419F5A5094F}" = CCC Help Finnish
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D7AAEF77-5094-AEDA-C940-110C00FB6823}" = AMD VISION Engine Control Center
"{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 - Setup Files
"{F0781699-4AA9-1ADA-3E2E-315A139C78F4}" = Catalyst Control Center Localization All
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F77F8226-DA60-1CC1-02FA-76E8F4B07FF5}" = CCC Help Norwegian
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer
"Ashampoo Snap_is1" = Ashampoo Snap
"Avira AntiVir Desktop" = Avira Free Antivirus
"CadStd" = CadStd
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON SX620FW Series Manual" = EPSON SX620FW Series Handbuch
"EPSON SX620FW Series Network Guide" = EPSON SX620FW Series Netzwerk-Handbuch
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Audio 2 DJ" = Native Instruments Audio 2 DJ
"Operation Flashpoint" = Operation Flashpoint (Uninstall via Start Menu shortcut)
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3287205929-1968251382-2339449275-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"Mixxx (1.10.0)" = Mixxx 1.10.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.08.2012 09:32:51 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 04.09.2012 12:43:39 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 05.09.2012 10:36:25 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 06.09.2012 09:58:53 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 07.09.2012 12:34:21 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 08.09.2012 06:36:25 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 11.09.2012 13:13:55 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 12.09.2012 12:39:37 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 13.09.2012 14:21:07 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 14.09.2012 05:09:08 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 15.09.2012 08:58:05 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
[ System Events ]
Error - 17.09.2012 02:00:29 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 02:00:29 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 02:33:35 | Computer Name = *** | Source = volsnap | ID = 393230
Description = Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers
auf Volume "C:" abgebrochen.
Error - 17.09.2012 04:06:14 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 04:06:16 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 04:06:18 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 10:22:32 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 10:33:34 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 10:33:41 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 17.09.2012 10:33:41 | Computer Name = *** | Source = Service Control Manager | ID = ***
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
< End of report > --- --- ---
Gruß |