| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner www.searchqu.com/406Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.01.2012, 13:03
| #1 |
| |  Trojaner www.searchqu.com/406 Hallo zusammen. Ich hab ein riesiges Problem! Anscheinend hab ich einen Trojaner und ich weiss nicht, wie ich den losbekommen kann. Meine Startseite bei Mozilla Firefox 9 ist wahrscheinlich ein Trojaner..  Wie oben im Titel erwähnt..Ich hab Windows 7 und mein Antiviren Programm ist Kaspersky 2011. Wie krieg ich den wieder los? Kann mir jemand helfen? GMER stürzt immer mal wieder ab OTL Logfile: OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 14.01.2012 13:12:15 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Evelyne\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 3,97 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 46,93% Memory free 7,93 Gb Paging File | 5,42 Gb Available in Paging File | 68,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 218,42 Gb Total Space | 65,13 Gb Free Space | 29,82% Space Free | Partition Type: NTFS Drive D: | 14,27 Gb Total Space | 2,36 Gb Free Space | 16,54% Space Free | Partition Type: NTFS Computer Name: EVELYNE-PC | User Name: Evelyne | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.14 13:09:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Evelyne\Downloads\OTL.exe PRC - [2011.12.29 21:11:27 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.12.06 11:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe PRC - [2011.11.04 14:40:06 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.08.30 19:21:56 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe PRC - [2010.05.20 23:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2010.05.20 23:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2010.05.07 11:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010.04.12 23:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2009.07.23 19:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2009.07.23 10:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2009.05.08 09:35:50 | 002,780,432 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe PRC - [2009.05.08 09:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe PRC - [2009.04.30 15:01:12 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe PRC - [2009.04.30 13:39:30 | 005,472,016 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe PRC - [2008.09.16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe ========== Modules (No Company Name) ========== MOD - [2012.01.11 13:12:11 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\442eed762e21796e8e497fcd14f1295a\System.Runtime.Remoting.ni.dll MOD - [2011.12.29 21:11:27 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.10.15 14:58:08 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll MOD - [2011.10.14 11:12:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll MOD - [2011.10.14 11:12:24 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll MOD - [2011.10.14 11:12:08 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll MOD - [2011.10.14 11:11:50 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll MOD - [2011.10.14 11:11:43 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll MOD - [2011.10.14 11:11:40 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a3f989a61ab0468876629134c49514b2\UIAutomationTypes.ni.dll MOD - [2011.10.14 11:11:38 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll MOD - [2011.10.14 11:11:24 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll MOD - [2011.10.14 11:11:15 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll MOD - [2011.10.14 11:11:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll MOD - [2011.10.14 11:11:10 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll MOD - [2011.10.14 11:10:59 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll MOD - [2011.09.28 20:42:54 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.05.04 14:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2010.04.14 18:18:00 | 000,101,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll MOD - [2010.04.12 23:46:46 | 000,095,528 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2010.04.12 23:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2009.09.04 20:39:39 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2009.09.04 20:39:39 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll MOD - [2009.09.04 20:39:03 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.09.04 20:38:58 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2009.07.23 10:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll MOD - [2009.07.15 16:51:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll MOD - [2009.07.15 16:51:02 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll MOD - [2009.07.15 16:50:58 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll MOD - [2009.07.15 16:50:56 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll MOD - [2009.07.15 16:50:56 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll MOD - [2009.07.15 16:50:54 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll MOD - [2009.07.15 16:50:52 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll MOD - [2009.07.15 16:50:44 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll MOD - [2009.06.10 22:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2009.05.08 09:35:50 | 002,780,432 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe MOD - [2009.05.08 09:35:28 | 000,181,520 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LvApi11\LvApi11.dll MOD - [2009.05.08 09:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe MOD - [2009.04.30 13:39:56 | 000,138,000 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll MOD - [2009.04.30 13:39:56 | 000,035,088 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll MOD - [2009.04.30 13:39:52 | 000,028,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll MOD - [2009.04.30 13:39:08 | 000,027,408 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll MOD - [2009.04.30 13:38:56 | 000,363,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtXml4.dll MOD - [2009.04.30 13:38:44 | 011,311,888 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll MOD - [2009.04.30 13:38:34 | 000,199,952 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtSql4.dll MOD - [2009.04.30 13:38:22 | 000,968,976 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll MOD - [2009.04.30 13:38:22 | 000,475,408 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll MOD - [2009.04.30 13:38:10 | 007,704,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll MOD - [2009.04.30 13:37:58 | 002,140,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll MOD - [2009.04.30 13:37:48 | 000,291,600 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.07.22 02:33:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV) SRV:64bit: - [2009.07.08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2009.07.02 22:16:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.04.30 15:01:00 | 000,190,488 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64) SRV:64bit: - [2009.03.02 22:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters) SRV - [2011.11.04 14:40:06 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.05.07 11:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.31 19:56:41 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.01.04 19:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.02.22 11:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.09.16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.07.13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:64bit: - [2011.07.13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.05.07 11:28:02 | 000,560,216 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2010.05.06 23:19:14 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:64bit: - [2010.05.06 23:19:10 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1) DRV:64bit: - [2010.04.22 18:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2010.03.31 02:58:04 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.11.02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2009.08.25 00:45:21 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.07.22 02:33:00 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2009.07.21 04:39:00 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2009.07.15 00:16:00 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.07.13 23:31:00 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.07.08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2009.07.08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2009.07.02 22:51:00 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.06.29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:64bit: - [2009.06.29 18:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.05.01 00:03:08 | 006,377,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam 250(UVC) DRV:64bit: - [2009.05.01 00:01:36 | 000,327,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2009.04.30 23:59:24 | 000,271,640 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64) DRV:64bit: - [2009.04.30 14:59:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon) DRV:64bit: - [2009.04.30 14:59:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64) DRV:64bit: - [2009.04.29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2009.07.23 19:45:28 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/08/25 02:14:27] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "Search Results" FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.0.232 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7 FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=119&systemid=406&sr=0&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Evelyne\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.08.30 19:22:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.02 18:25:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.29 21:11:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.31 17:14:04 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.02 18:25:59 | 000,000,000 | ---D | M] [2012.01.13 11:41:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evelyne\AppData\Roaming\mozilla\Extensions [2010.02.03 21:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evelyne\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2012.01.13 11:41:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evelyne\AppData\Roaming\mozilla\Firefox\Profiles\xj0jfy4r.default\extensions [2012.01.13 11:41:17 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Evelyne\AppData\Roaming\mozilla\Firefox\Profiles\xj0jfy4r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2011.02.25 18:43:25 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Evelyne\AppData\Roaming\mozilla\Firefox\Profiles\xj0jfy4r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.11.14 23:30:03 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Evelyne\AppData\Roaming\mozilla\Firefox\Profiles\xj0jfy4r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012.01.12 01:00:39 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Evelyne\AppData\Roaming\mozilla\Firefox\Profiles\xj0jfy4r.default\extensions\ffxtlbr@Facemoods.com [2012.01.13 11:41:09 | 000,002,519 | ---- | M] () -- C:\Users\Evelyne\AppData\Roaming\Mozilla\Firefox\Profiles\xj0jfy4r.default\searchplugins\Search_Results.xml [2012.01.13 11:41:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.11.19 22:37:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.03.29 15:11:54 | 000,000,000 | ---D | M] (Kaspersky Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru [2011.03.29 15:11:54 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru () (No name found) -- C:\USERS\EVELYNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XJ0JFY4R.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\EVELYNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XJ0JFY4R.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI [2011.12.29 21:11:27 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.18 22:32:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.01.12 01:00:40 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.13 11:41:09 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.) O4 - HKCU..\Run: [Spotify] C:\Users\Evelyne\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - Startup: C:\Users\Evelyne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-CH\local\search.html () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Evelyne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-CH\local\search.html () O8 - Extra context menu item: Free YouTube Download - C:\Users\Evelyne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07ED934A-BC15-451B-AED4-03721B56A870}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A071C040-9CE7-4A7A-BF97-3CE0D539368F}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll C:\PROGRA~2\KASPER~1\KASPER~2\x64\sbhook64.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~2\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~2\x64\kloehk.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll C:\PROGRA~2\KASPER~1\KASPER~2\mzvkbd3.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~2\sbhook.dll) -C:\PROGRA~2\KASPER~1\KASPER~2\sbhook.dll (Kaspersky Lab ZAO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{6b397257-4a9b-11e0-a048-00269e8cddd9}\Shell - "" = AutoRun O33 - MountPoints2\{6b397257-4a9b-11e0-a048-00269e8cddd9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.13 11:42:15 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\AppData\Local\Ilivid Player [2012.01.13 11:42:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\~0 [2012.01.13 11:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012.01.13 11:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar [2012.01.13 11:40:42 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\AppData\Local\PackageAware [2012.01.12 01:01:24 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\JDownloader [2012.01.12 01:00:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\facemoods.com [2012.01.12 00:58:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2012.01.12 00:06:08 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.01.12 00:06:08 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.01.12 00:06:08 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.01.12 00:06:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.01.12 00:05:39 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.01.12 00:05:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.01.12 00:05:11 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.12 00:04:43 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.01.12 00:04:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012.01.06 21:50:26 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2012.01.06 21:50:26 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2012.01.06 21:50:25 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2012.01.06 21:50:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2012.01.06 21:50:24 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2012.01.06 20:37:11 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\AppData\Local\Nero_AG [2012.01.06 20:34:08 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\Documents\NeroVideo [2012.01.06 20:34:02 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\AppData\Local\Nero [2012.01.06 20:31:31 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\AppData\Roaming\Nero [2012.01.06 20:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012.01.06 20:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012.01.06 20:02:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012.01.06 13:32:37 | 000,015,920 | ---- | C] (Nero AG) -- C:\Windows\SysNative\drivers\NBVolUp.sys [2012.01.06 13:32:30 | 000,072,240 | ---- | C] (Nero AG) -- C:\Windows\SysNative\drivers\NBVol.sys [2012.01.06 13:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2012.01.06 12:50:43 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012.01.06 12:49:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2012.01.06 12:47:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012.01.06 12:46:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012.01.06 12:44:59 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012.01.06 12:43:25 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012.01.04 19:58:47 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\Desktop\Weihnachten 2011 [2012.01.03 23:05:35 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\AppData\Roaming\Flo & Seb Engineering [2012.01.03 23:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kochbuch [2012.01.03 23:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Flo & Seb Engineering [2011.12.23 19:53:11 | 000,000,000 | ---D | C] -- C:\Users\Evelyne\Desktop\Sum 41 [2011.12.21 15:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.12.21 15:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.12.21 15:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.12.21 15:04:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes ========== Files - Modified Within 30 Days ========== [2012.01.14 13:07:56 | 000,000,000 | ---- | M] () -- C:\Users\Evelyne\defogger_reenable [2012.01.14 12:28:20 | 000,012,440 | ---- | M] () -- C:\Users\Evelyne\Desktop\27341_100001256831833_5014_n.jpg [2012.01.14 10:53:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.13 23:55:14 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.13 23:55:14 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.13 23:44:44 | 3195,420,672 | -HS- | M] () -- C:\hiberfil.sys [2012.01.13 12:20:07 | 197,196,612 | ---- | M] () -- C:\Users\Evelyne\Desktop\1_Staffel.part59.rar [2012.01.13 12:16:40 | 209,715,200 | ---- | M] () -- C:\Users\Evelyne\Desktop\1_Staffel.part58.rar [2012.01.13 12:13:06 | 209,715,200 | ---- | M] () -- C:\Users\Evelyne\Desktop\1_Staffel.part55.rar [2012.01.13 12:08:39 | 209,715,200 | ---- | M] () -- C:\Users\Evelyne\Desktop\1_Staffel.part57.rar [2012.01.13 12:07:30 | 209,715,200 | ---- | M] () -- C:\Users\Evelyne\Desktop\1_Staffel.part56.rar [2012.01.12 01:00:41 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk [2012.01.11 13:09:57 | 001,520,098 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.11 13:09:57 | 000,654,242 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.11 13:09:57 | 000,616,084 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.11 13:09:57 | 000,130,082 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.11 13:09:57 | 000,106,464 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.06 21:51:08 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.01.06 20:04:48 | 000,002,843 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 11.lnk [2011.12.29 21:05:11 | 000,091,152 | ---- | M] () -- C:\Users\Evelyne\207532_10150151424197282_630617281_7019246_3241787_n.jpg [2011.12.29 20:23:16 | 000,009,319 | ---- | M] () -- C:\Users\Evelyne\baby01.jpg [2011.12.29 20:23:09 | 000,020,599 | ---- | M] () -- C:\Users\Evelyne\baby02.jpg [2011.12.23 21:01:42 | 000,030,378 | ---- | M] () -- C:\Users\Evelyne\Desktop\liebelei-555df513d27cb25039ef76aa0b62c679.jpg [2011.12.23 19:26:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForEvelyne.job [2011.12.21 15:05:35 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.12.16 00:16:23 | 000,559,456 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.01.14 13:07:56 | 000,000,000 | ---- | C] () -- C:\Users\Evelyne\defogger_reenable [2012.01.14 12:28:08 | 000,012,440 | ---- | C] () -- C:\Users\Evelyne\Desktop\27341_100001256831833_5014_n.jpg [2012.01.13 11:51:53 | 209,715,200 | ---- | C] () -- C:\Users\Evelyne\Desktop\1_Staffel.part55.rar [2012.01.13 11:46:55 | 209,715,200 | ---- | C] () -- C:\Users\Evelyne\Desktop\1_Staffel.part56.rar [2012.01.13 11:45:18 | 209,715,200 | ---- | C] () -- C:\Users\Evelyne\Desktop\1_Staffel.part57.rar [2012.01.13 11:44:55 | 209,715,200 | ---- | C] () -- C:\Users\Evelyne\Desktop\1_Staffel.part58.rar [2012.01.13 11:44:09 | 197,196,612 | ---- | C] () -- C:\Users\Evelyne\Desktop\1_Staffel.part59.rar [2012.01.12 01:00:41 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk [2012.01.12 00:59:09 | 000,001,966 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.01.12 00:59:09 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.01.12 00:59:09 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012.01.06 20:04:48 | 000,002,843 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 11.lnk [2011.12.29 21:05:10 | 000,091,152 | ---- | C] () -- C:\Users\Evelyne\207532_10150151424197282_630617281_7019246_3241787_n.jpg [2011.12.29 20:23:15 | 000,009,319 | ---- | C] () -- C:\Users\Evelyne\baby01.jpg [2011.12.29 20:23:08 | 000,020,599 | ---- | C] () -- C:\Users\Evelyne\baby02.jpg [2011.12.23 21:01:39 | 000,030,378 | ---- | C] () -- C:\Users\Evelyne\Desktop\liebelei-555df513d27cb25039ef76aa0b62c679.jpg [2011.12.21 15:05:35 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.11.06 18:11:32 | 000,004,873 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss [2011.05.17 10:18:17 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.05.17 10:18:17 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010.10.04 16:58:21 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.09.02 18:09:56 | 000,181,767 | ---- | C] () -- C:\Windows\hpoins44.dat [2010.02.12 18:55:03 | 000,000,000 | ---- | C] () -- C:\Users\Evelyne\AppData\Roaming\wklnhst.dat [2010.02.02 22:18:28 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat [2010.01.31 03:43:47 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2009.09.04 12:34:16 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009.09.04 11:01:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.07.15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.11 10:30:02 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll ========== LOP Check ========== [2010.12.12 22:05:13 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Babylon [2011.03.03 20:06:31 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\DVDVideoSoft [2011.02.25 18:43:25 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\DVDVideoSoftIEHelpers [2012.01.03 23:05:35 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Flo & Seb Engineering [2010.08.25 12:34:52 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\ifolor [2010.04.12 21:02:31 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Leadertech [2010.10.27 21:43:30 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\LimeWire [2010.06.23 14:18:44 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\MAGIX [2011.11.06 18:14:05 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\MOVAVI [2010.07.22 15:54:31 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\OpenOffice.org [2011.11.05 17:30:25 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Opera [2011.11.19 22:55:29 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\ProtectDISC [2011.12.08 21:06:25 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Publish Providers [2011.12.08 21:06:15 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Sony [2012.01.13 23:45:31 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Spotify [2010.02.12 18:55:55 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Template [2010.01.31 03:51:58 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\WildTangent [2011.08.09 01:00:44 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\Windows Live Writer [2010.02.05 14:17:02 | 000,000,000 | ---D | M] -- C:\Users\Evelyne\AppData\Roaming\_MDLogs [2011.10.02 16:14:37 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > --- --- --- OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 14.01.2012 13:12:16 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Evelyne\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
3,97 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 46,93% Memory free
7,93 Gb Paging File | 5,42 Gb Available in Paging File | 68,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218,42 Gb Total Space | 65,13 Gb Free Space | 29,82% Space Free | Partition Type: NTFS
Drive D: | 14,27 Gb Total Space | 2,36 Gb Free Space | 16,54% Space Free | Partition Type: NTFS
Computer Name: EVELYNE-PC | User Name: Evelyne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{16AD84C0-E7A0-F64D-D55A-15D274C4439A}" = ccc-utility64
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1FC18AC7-3F98-45A4-8DB5-69518CE5BBD1}" = HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät
"{21C069F9-8BC5-4A24-9C8B-7D33E5645E09}" = Studie zur Verbesserung von HP Officejet Pro 8500 A910 Produkten
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3107 x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}" = HP 3D DriveGuard
"{83715090-142B-D305-36EC-7538A007D336}" = ATI Catalyst Install Manager
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Kochbuch_is1" = Kochbuch 1.7.4
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{13D324E9-9DB1-478D-944C-28BBE1BB80DC}" = HP Officejet Pro 8500 A910 Hilfe
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{27B0C2FD-9739-8D7D-6552-307C786D9097}" = Catalyst Control Center InstallProxy
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{320D4FBD-53F7-476B-A4AF-E26A02645918}" = MAGIX Video easy HD
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38022B5C-0C69-389F-DA48-B87480B5705A}" = CCC Help Turkish
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3BBBF379-6C7E-0985-18F6-6C60D6C36EC6}" = CCC Help Portuguese
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B2F56AC-C043-C84F-3EF1-E6D6F21E934F}" = Catalyst Control Center Graphics Full Existing
"{4F2C2E34-5A3E-0E70-BDFC-A5B1E3C2FFAC}" = Catalyst Control Center Graphics Light
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{532715CE-CFD6-E4F8-53C3-2F1DE31C04DA}" = CCC Help Hungarian
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{558CC8A3-F1A2-9C31-7B90-F61E476B8622}" = CCC Help Dutch
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5D76ABD5-262B-6D65-6C13-F38175C7A5AF}" = CCC Help Korean
"{5D92E608-E454-0C8C-D577-7F7C06151117}" = CCC Help Greek
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79EECA21-CDFA-6012-5E8B-6CF2623D647A}" = Catalyst Control Center Graphics Full New
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7BE6BC10-6737-CD9D-8363-F919B8D6D917}" = Catalyst Control Center Core Implementation
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{80FBA7A7-ABD1-4910-A916-023075C45593}" = CCC Help Danish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8797DE34-22BC-CA33-6B67-A0CC2765B545}" = CCC Help German
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89D1C17B-90DE-650A-073A-A7FA7BC6ECE5}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C664716-FD23-9902-A29E-863D056F46FC}" = CCC Help Russian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F36B221-F483-B7CE-4DDA-7BDA4D81E306}" = CCC Help English
"{8FB16749-1235-D027-AF25-1D22A9FEC0D5}" = CCC Help Thai
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{91A3A4DE-656A-5C7A-5B61-75FB6D167A6A}" = CCC Help Polish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11
"{9EDB805A-E11C-8842-2393-FDFDA17963AC}" = CCC Help Chinese Traditional
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A16D1BBD-BE86-0183-4152-2E85FECC31F7}" = CCC Help Finnish
"{A19856E3-C9D7-988E-5B8C-70C87342B8DD}" = Catalyst Control Center Localization All
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD777154-A573-4FCA-C730-D7C33437262C}" = CCC Help Czech
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B66D2CC9-652D-EBE5-497F-74BBC1029FB4}" = CCC Help Japanese
"{B6A4D07E-725F-07CD-DE49-8AB76939631D}" = CCC Help Norwegian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{BF930A5D-4F36-5158-C8DA-DECD5B51A78E}" = CCC Help Chinese Standard
"{C00F32D0-898E-4F48-B7E1-79051C279CE7}" = MAGIX Speed burnR (MSI)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6FCE95C-0072-40C0-9AB2-3EF88DA6CED9}" = Catalyst Control Center Graphics Previews Common
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C82C515A-CAE3-44B3-B5CC-81C5E4A92E8F}" = Nero Prerequisite Installer 1.0
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF166A93-835F-DF13-E974-FD73E8D7F4F6}" = CCC Help Swedish
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09F7D2B-C1C1-D80B-7775-6FFE9D713C60}" = CCC Help Spanish
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E26EEBF8-3A50-8095-5877-AE243C8852EF}" = Catalyst Control Center Graphics Previews Vista
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E755160F-E930-11E0-8B86-F04DA23A5C58}" = Vegas Pro 11.0
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EC8049FF-B0E3-A963-408C-1B1D8F20DD55}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7CA7716-7CBD-4C03-A2FD-4A0183FDDB71}" = MAGIX Screenshare
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Schnellzugriffe
"{FD1D88FA-E5E0-BA76-73C8-7362E9703842}" = ccc-core-static
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AOL Toolbar" = AOL Toolbar 5.0
"DirectVobSub" = DirectVobSub (remove only)
"DivX Setup.divx.com" = DivX-Setup
"EasyBits Magic Desktop" = Magic Desktop
"facemoods" = Facemoods Toolbar
"Free DVD Video Burner_is1" = Free DVD Video Burner version 3.0.1
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free YouTube Download_is1" = Free YouTube Download version 2.10.31
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ifolor-Designer" = ifolor Designer
"ifolor-OrderClient" = ifolor Bestellsoftware 3.7
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"LimeWire" = LimeWire 5.5.16
"MAGIX_MSI_Video_easy_2" = MAGIX Video easy HD
"Movavi Video Converter 11" = Movavi Video Converter 11
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Opera 11.51.1087" = Opera 11.51
"OTH_screensaver" = OTH_screensaver
"RealPlayer 12.0" = RealPlayer
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"WildTangent hp Master Uninstall" = HP Games
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"WinLiveSuite" = Windows Live Essentials
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.12.2011 07:55:09 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 14.12.2011 07:55:09 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6240
Error - 14.12.2011 07:55:09 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6240
Error - 14.12.2011 07:55:10 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 14.12.2011 07:55:10 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7551
Error - 14.12.2011 07:55:10 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7551
Error - 14.12.2011 07:55:11 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 14.12.2011 07:55:11 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8565
Error - 14.12.2011 07:55:11 | Computer Name = Evelyne-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8565
Error - 15.12.2011 05:45:49 | Computer Name = Evelyne-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
[ System Events ]
Error - 12.01.2012 05:37:14 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Kaspersky Anti-Virus Service" wurde nicht richtig gestartet.
Error - 12.01.2012 05:37:14 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
Error - 12.01.2012 19:25:00 | Computer Name = Evelyne-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?12.?01.?2012 um 13:02:17 unerwartet heruntergefahren.
Error - 12.01.2012 19:26:14 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
Error - 13.01.2012 05:28:37 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Live ID Sign-in Assistant erreicht.
Error - 13.01.2012 05:28:37 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 13.01.2012 05:29:51 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
Error - 13.01.2012 08:20:32 | Computer Name = Evelyne-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?13.?01.?2012 um 13:17:52 unerwartet heruntergefahren.
Error - 13.01.2012 08:23:02 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
Error - 13.01.2012 18:47:08 | Computer Name = Evelyne-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
< End of report >
Geändert von melody1984 (14.01.2012 um 13:32 Uhr) |
| Themen zu Trojaner www.searchqu.com/406 |
| 64-bit, antiviren, bandoo, firefox, install.exe, kaspersky, krieg, microsoft office word, mozilla, mozilla firefox, office 2007, officejet, plug-in, problem, programm, richtlinie, riesiges, schei, searchqu toolbar, security update, seite, spotify, startseite, super, titel, troja, trojaner, version=1.0, video converter, wahrscheinlich, wallpapers, webcheck, windows, windows 7 |
Baum-Darstellung