Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Live Security Platinum Befall

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 27.07.2012, 11:30   #1
Pac11
 
Live Security Platinum Befall - Icon21

Live Security Platinum Befall



Hallo liebe Forengemeinde,

auch bei mir hat sich das hölzerne Pferd "Live Security Platinum" eingeschlichen und mir erstmal einen gehörigen Schreck eingejagt! Die üblichen Probleme und wenig Brauchbares im Netz dazu...lediglich bei Euch fand ich, durch das Lesen der anderen Threads, brauchbare Antworten, so dass ich für einen Blick auf meine Logfiles sehr dankbar wäre!

Logfile von Malwarebytes Anti-Malware:
Quickscan im abgesicherten Modus
Code:
ATTFilter
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.26.13

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7601.17514
Pac :: PAC-PC [Administrator]

26.07.2012 20:24:36
mbam-log-2012-07-26 (20-24-36).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 197295
Laufzeit: 3 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Golden Palace Casino PT (Trojan.DNSChanger) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|0C1CFAEF000105FC004F66CCF875EF60 (Trojan.LameShield) -> Daten: C:\ProgramData\0C1CFAEF000105FC004F66CCF875EF60\0C1CFAEF000105FC004F66CCF875EF60.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Users\Pac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 8
C:\ProgramData\0C1CFAEF000105FC004F66CCF875EF60\0C1CFAEF000105FC004F66CCF875EF60.exe (Trojan.LameShield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pac\AppData\Local\Temp\msimg32.dll (RootKit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pac\AppData\Local\Temp\sdhttt.exe (Spyware.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pac\AppData\Local\Temp\~!#BE59.tmp (RootKit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pac\AppData\Local\Temp\~!#C28F.tmp (Trojan.Delf) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pac\AppData\Local\Temp\2F88.tmp (Exploit.Drop.GS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pac\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Pac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
danach Full Scan im normalen Modus
Code:
ATTFilter
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.26.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Pac :: PAC-PC [Administrator]

26.07.2012 20:35:41
mbam-log-2012-07-26 (20-35-41).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 983185
Laufzeit: 2 Stunde(n), 48 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Pac\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\111e5378-1d987b09 (Spyware.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
dann den ESET Online Scanner laufen lassen, hier das Logfile
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=bb79f862262a654e8835678d837cf20f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-27 12:27:40
# local_time=2012-07-27 02:27:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 10384834 10384834 0 0
# compatibility_mode=5893 16776574 100 94 34557928 94969513 0 0
# compatibility_mode=8192 67108863 100 0 187 187 0 0
# scanned=785643
# found=14
# cleaned=0
# scan_time=9197
C:\Users\Pac\AppData\Local\Temp\casF663.tmp	a variant of Win32/PrimeCasino application (unable to clean)	00000000000000000000000000000000	I
D:\Eigene Dokumente\_Private Ablage\Files\DBox Backup\remote\DBOXremote.exe	probably unknown NewHeur_PE virus (unable to clean)	00000000000000000000000000000000	I
E:\Tools\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
F:\Downloads\casinoshare.exe	a variant of Win32/PrimeCasino application (unable to clean)	00000000000000000000000000000000	I
F:\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\BD02\LwD\Eigene Dokumente\_Private Ablage\Files\DBox Backup\remote\DBOXremote.exe	probably unknown NewHeur_PE virus (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\BD02\LwF\Downloads\casinoshare.exe	a variant of Win32/PrimeCasino application (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\BD02\LwF\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\BD03\LwD\Eigene Dokumente\_Private Ablage\Files\DBox Backup\remote\DBOXremote.exe	probably unknown NewHeur_PE virus (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\BD03\LwF\Downloads\casinoshare.exe	a variant of Win32/PrimeCasino application (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\BD03\LwF\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\LwD\Eigene Dokumente\_Private Ablage\Files\DBox Backup\remote\DBOXremote.exe	probably unknown NewHeur_PE virus (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\LwF\Downloads\casinoshare.exe	a variant of Win32/PrimeCasino application (unable to clean)	00000000000000000000000000000000	I
H:\Backup\So\LwF\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
         
Zum Schluss OTL mit Standarteinstellungen!?
Code:
ATTFilter
OTL logfile created on: 27.07.2012 12:00:27 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Pac\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,58 Gb Available Physical Memory | 76,33% Memory free
12,00 Gb Paging File | 10,37 Gb Available in Paging File | 86,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 92,77 Gb Total Space | 40,51 Gb Free Space | 43,66% Space Free | Partition Type: NTFS
Drive D: | 92,77 Gb Total Space | 84,28 Gb Free Space | 90,85% Space Free | Partition Type: NTFS
Drive E: | 117,19 Gb Total Space | 62,23 Gb Free Space | 53,10% Space Free | Partition Type: NTFS
Drive F: | 163,01 Gb Total Space | 92,35 Gb Free Space | 56,65% Space Free | Partition Type: NTFS
Drive H: | 232,88 Gb Total Space | 41,61 Gb Free Space | 17,87% Space Free | Partition Type: NTFS
 
Computer Name: PAC-PC | User Name: Pac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.27 02:36:50 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Pac\Desktop\OTL.exe
PRC - [2012.07.11 13:49:46 | 004,066,816 | ---- | M] (J. Rathlev, IEAP, Uni-Kiel) -- E:\Tools\Personal Backup 5\Persbackup.exe
PRC - [2012.05.09 00:20:07 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.09 00:20:07 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.09 00:20:07 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.03.08 17:22:18 | 007,283,328 | ---- | M] (ASUSTeK Computer Inc.) -- E:\Tools\EPU-6 Engine\SixEngine.exe
PRC - [2009.09.03 23:17:14 | 003,342,336 | ---- | M] (Electronic Arts) -- E:\Games\EADM\Core.exe
PRC - [2009.05.01 15:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- E:\Tools\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009.04.02 12:27:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.09.30 12:33:06 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.08.27 20:41:46 | 000,565,248 | ---- | M] () -- E:\Tools\EPU-6 Engine\pngio.dll
MOD - [2009.08.27 20:41:46 | 000,053,248 | ---- | M] () -- E:\Tools\EPU-6 Engine\AsSpindownTimeout.dll
MOD - [2009.04.22 21:20:00 | 000,179,712 | ---- | M] () -- E:\Tools\EPU-6 Engine\AsusService.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012.02.15 05:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.18 18:50:44 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.09 00:20:07 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.09 00:20:07 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.02.18 12:13:08 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.03 20:08:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.01 15:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- E:\Tools\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009.04.02 12:27:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.09 00:20:07 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.09 00:20:07 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.02.15 05:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.02.15 05:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.02.15 04:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.05.13 16:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.08.23 13:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009.07.16 12:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.08 11:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2514236319-2276680423-263640637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2514236319-2276680423-263640637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2514236319-2276680423-263640637-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 FE BD 8E 3D 67 CD 01  [binary data]
IE - HKU\S-1-5-21-2514236319-2276680423-263640637-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2514236319-2276680423-263640637-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2514236319-2276680423-263640637-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de|hxxp://www.bild.de|hxxp://www.comdirect.de|hxxp://www.bonusjaeger.de|hxxp://www.fcstpauli.com/index.php"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 18:50:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.25 15:48:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 18:50:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.25 15:48:14 | 000,000,000 | ---D | M]
 
[2011.06.23 00:44:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pac\AppData\Roaming\mozilla\Extensions
[2012.06.16 12:11:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pac\AppData\Roaming\mozilla\Firefox\Profiles\ixdclqlm.default\extensions
[2011.08.18 17:21:09 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Pac\AppData\Roaming\mozilla\Firefox\Profiles\ixdclqlm.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.06.16 12:11:57 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Pac\AppData\Roaming\mozilla\Firefox\Profiles\ixdclqlm.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2011.10.21 11:14:36 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Pac\AppData\Roaming\mozilla\Firefox\Profiles\ixdclqlm.default\extensions\DefaultManager@Microsoft
[2012.01.24 09:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.18 22:30:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.18 18:50:44 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.19 13:10:05 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.19 13:10:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.19 13:10:05 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.19 13:10:05 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.19 13:10:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.19 13:10:05 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Tools\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2514236319-2276680423-263640637-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-2514236319-2276680423-263640637-1000..\Run: [EA Core] E:\Games\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Pac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk = E:\Tools\Personal Backup 5\Persbackup.exe (J. Rathlev, IEAP, Uni-Kiel)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Tools\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Tools\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5F7393B-0DB1-4650-8E63-E93ABE7939A4}: NameServer = 192.168.123.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - E:\Tools\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.27 02:36:49 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Pac\Desktop\OTL.exe
[2012.07.26 23:51:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.26 23:51:10 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Pac\Desktop\esetsmartinstaller_enu.exe
[2012.07.26 23:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.07.26 23:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.07.26 23:40:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.07.26 23:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.07.26 23:36:26 | 000,772,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.07.26 23:36:26 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.07.26 23:36:20 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.07.26 23:36:20 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.07.26 20:30:06 | 000,000,000 | ---D | C] -- C:\Users\Pac\Desktop\LiveSec
[2012.07.26 20:23:50 | 000,000,000 | ---D | C] -- C:\Users\Pac\AppData\Roaming\Malwarebytes
[2012.07.26 20:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.26 20:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.26 20:23:40 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.26 20:13:58 | 010,652,120 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Pac\Desktop\mbam-setup-1.62.0.1300.exe
[2012.07.26 01:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\0C1CFAEF000105FC004F66CCF875EF60
[2012.07.16 21:55:57 | 000,000,000 | ---D | C] -- C:\Users\Pac\AppData\Roaming\dvdcss
[2012.07.12 12:24:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.07.11 03:03:48 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.10 21:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.10 21:43:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.10 21:43:03 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.10 21:42:58 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.07.10 21:42:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.07.10 21:42:51 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.10 21:42:50 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.27 11:43:39 | 000,019,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.27 11:43:39 | 000,019,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.27 11:42:59 | 001,641,292 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.27 11:42:59 | 000,707,088 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.27 11:42:59 | 000,660,706 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.27 11:42:59 | 000,152,680 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.27 11:42:59 | 000,124,896 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.27 11:37:31 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.27 11:36:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.27 11:36:02 | 536,121,343 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.27 02:38:27 | 000,000,834 | ---- | M] () -- C:\Users\Pac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk
[2012.07.27 02:36:50 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Pac\Desktop\OTL.exe
[2012.07.27 02:07:03 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.26 23:51:13 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Pac\Desktop\esetsmartinstaller_enu.exe
[2012.07.26 23:43:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.26 23:43:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.26 23:36:17 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.07.26 23:36:17 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.07.26 23:36:17 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.07.26 23:36:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.07.26 23:36:17 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.07.26 20:23:41 | 000,000,727 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.26 20:05:32 | 010,652,120 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Pac\Desktop\mbam-setup-1.62.0.1300.exe
[2012.07.11 08:50:23 | 005,294,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.07.26 20:23:41 | 000,000,727 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.26 01:42:13 | 000,001,712 | ---- | C] () -- C:\Users\Pac\AppData\Local\{ce398f6c-eb8f-12ea-509f-3723abf83f77}\U\00000001.@
[2012.07.02 17:53:32 | 000,054,462 | ---- | C] () -- C:\Users\Pac\Desktop\Half Baked - Fuck You, Fuck You, You're Cool....mp3
[2012.05.02 01:07:30 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2012.04.17 23:42:40 | 000,003,584 | ---- | C] () -- C:\Users\Pac\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.02 15:16:44 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.03.02 15:16:44 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.02.15 18:32:28 | 000,577,536 | ---- | C] () -- C:\Windows\SysWow64\ChilkatCsv.dll
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.11 12:02:18 | 000,002,048 | -HS- | C] () -- C:\Users\Pac\AppData\Local\{ce398f6c-eb8f-12ea-509f-3723abf83f77}\@
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.07.13 20:49:38 | 000,220,160 | R--- | C] () -- C:\Windows\Printers.exe
[2011.07.13 20:49:38 | 000,026,244 | ---- | C] () -- C:\Windows\SysWow64\PRTmate.dll
[2011.06.30 03:12:38 | 000,000,091 | ---- | C] () -- C:\Users\Pac\AppData\Local\fusioncache.dat
[2011.06.29 19:24:03 | 001,618,250 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.23 01:23:28 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.06.23 01:23:28 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.06.22 21:12:00 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.06.22 20:47:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1233 bytes -> C:\Users\Pac\AppData\Local\dHmP5f0GyaW:jNAtcAKClfGOtWOxelMvN6kl

< End of report >
         
und die Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 27.07.2012 12:00:27 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Pac\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,58 Gb Available Physical Memory | 76,33% Memory free
12,00 Gb Paging File | 10,37 Gb Available in Paging File | 86,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 92,77 Gb Total Space | 40,51 Gb Free Space | 43,66% Space Free | Partition Type: NTFS
Drive D: | 92,77 Gb Total Space | 84,28 Gb Free Space | 90,85% Space Free | Partition Type: NTFS
Drive E: | 117,19 Gb Total Space | 62,23 Gb Free Space | 53,10% Space Free | Partition Type: NTFS
Drive F: | 163,01 Gb Total Space | 92,35 Gb Free Space | 56,65% Space Free | Partition Type: NTFS
Drive H: | 232,88 Gb Total Space | 41,61 Gb Free Space | 17,87% Space Free | Partition Type: NTFS
 
Computer Name: PAC-PC | User Name: Pac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2514236319-2276680423-263640637-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Tools\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\Tools\aftereffects\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "E:\Tools\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Tools\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\Tools\aftereffects\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "E:\Tools\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06527E40-71ED-41C8-8D89-60C01641F98E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{09362BCE-135B-439B-9901-87998D31AF3D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{19B1B22D-9D03-41E2-B01C-96E2A12FA82B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{21A75DB4-E346-403D-B038-25CE5BE2B6F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{228965E0-F3A3-4709-92E8-D119D796A61E}" = rport=138 | protocol=17 | dir=out | app=system | 
"{22D60A80-3476-44D5-9FA4-C47F8DB7F96E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{41C34A7A-ADBC-477B-87AB-D9BE4903DB31}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{420793B0-C479-4C7A-8484-D364794EB9FC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{4593F041-EF4C-4B00-B1EF-8F06F4B02569}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4A5D5259-4254-47D3-8D3E-A95184FFBC42}" = lport=137 | protocol=17 | dir=in | app=system | 
"{563459DD-A0A2-4770-ADB2-853F0A7EDF78}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{66852CF8-06BD-433A-B458-82E1DCA9FFB7}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{6C23F9A0-75BE-4236-BDDF-81E3541CB8A8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9484A8DE-E64C-49EA-8970-58AA1D4D3F58}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9B9FBBA3-98A3-4A6C-BCCA-59C744E55054}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A191FAA9-2E49-4265-BE20-7105334FBE1D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{A4C5AA69-04BB-4F83-AE09-8DCDDD4417D0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A9B9E5A0-9500-4F50-A8A0-701AB9981D26}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{BE68B136-A530-44E0-86FC-6AB9BCC9E7C2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C24F646B-7D44-4ADE-AC71-D0F16C6F76E1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C6F26E9E-8CA9-4DB8-8BAE-626C58F9F782}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CF4B7F5B-9A46-469C-BBC2-F60BE116A2CE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D44B1202-08F0-4B7E-B4B6-D996A5D09551}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D6D10009-339B-42C0-BAE5-3B79BAB6DDF7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E15DAA17-3866-4E5B-BFF8-6E6F6AF9F8E5}" = lport=445 | protocol=6 | dir=in | app=system | 
"{EC82E55B-954E-496A-97BB-D71E4247C600}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FF330C6C-8E2F-4661-8058-A69353E38D10}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0109D111-7A02-4FE7-9FD7-95966D68402C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0AB4BC8F-2C92-49CA-A2C8-705D5A914B51}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0D23A6F7-E137-4551-9021-D0F89D913A47}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{0D34AAC7-FA83-4E2C-ACBA-BE46FFB6982F}" = protocol=6 | dir=in | name=xampp | 
"{1244E99B-1B5A-40E9-9AFD-2BC08A593515}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{1297CBE9-9CAF-4D77-AACD-9F7185518034}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\hwienbeck@clanland.de\counter-strike source\hl2.exe | 
"{1E486EAA-0878-4B3A-B991-5D9D62D41B7D}" = protocol=17 | dir=in | app=e:\games\colonization\colonization.exe | 
"{1FC5931A-198C-41D0-87C8-26A42A8A2C32}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2639B830-393F-4130-9D36-515624736F38}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\hwienbeck@clanland.de\counter-strike\hl.exe | 
"{27711DBB-0B9B-4552-B707-182B653AA61A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{2BBFE37F-59D3-4C62-A65C-F2514CD54A8C}" = protocol=6 | dir=in | app=e:\games\steam\steam.exe | 
"{3A27BD8E-0B55-432A-AE89-325678947CA7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3C301957-03BC-4C0B-8564-BD9E700FEAC6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3FF01D3F-55DC-4348-B16E-E960B6FFC914}" = protocol=17 | dir=in | app=e:\games\steam\steam.exe | 
"{4278B7E5-FC67-402E-94CD-733910182BCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{427EAF7A-A193-439D-A7BA-94EB99A76CBE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{45CB028C-10DB-41FC-9440-B1F258DB519F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4658FEC5-D949-45C1-BA59-B6F3DFB1EB14}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{57D35947-246D-4CA1-8633-958BB88C4010}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | 
"{5988E0A3-8266-4AE9-A185-647988139C85}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{5AB3992F-7FA2-458B-B2EF-7BE6487EB7A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{67413443-DEF3-4092-825F-265F0D8E8C80}" = protocol=17 | dir=in | app=e:\media\pinnacle15\programs\umi.exe | 
"{67EFE81F-C927-405F-9663-A225D4D4DEEE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{68B849D6-6318-4951-B246-FA6BFF4CEF77}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{724442F5-CCCE-40BC-A6BC-DCC2E7CA1177}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\hwienbeck@clanland.de\counterstrike source beta\hl2.exe | 
"{72CDAD08-0F0B-46A6-A28B-26BEF6835EAD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\hwienbeck@clanland.de\counter-strike\hl.exe | 
"{77E2C97C-D751-427F-847C-D689367CD75E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7DC22FE7-AF7D-4AF9-A8B6-93751C87EE7F}" = protocol=6 | dir=in | app=e:\games\colonization\colonization.exe | 
"{81D7A321-EBD2-4AB3-BB72-9AD452D9EBBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{878AFDE4-E896-46F3-96A3-91E91A73A0F4}" = protocol=6 | dir=out | app=system | 
"{92D072B0-F6D1-475C-8272-38286D79F5FB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9B502CBF-1341-4393-B1D1-5F284DEC42C5}" = protocol=6 | dir=in | app=e:\media\pinnacle15\programs\umi.exe | 
"{A428C304-5407-4CBD-AC80-8BB5B9639681}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{AE188F4B-55EA-4EA8-946B-A7FAD65E2A62}" = protocol=17 | dir=in | app=e:\media\pinnacle15\programs\studio.exe | 
"{AF466990-7CE3-414A-BD80-91572E027902}" = protocol=6 | dir=in | app=c:\users\pac\appdata\roaming\dropbox\bin\dropbox.exe | 
"{B54A268A-3E71-44F0-BDAC-1A4F90552251}" = dir=in | app=e:\games\command & conquer 3\retailexe\1.0\cnc3game.dat | 
"{BD63F380-04EA-43C2-829E-014A194BBB17}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{C3C1836E-CF6A-4695-B29D-D70A2A5ED497}" = protocol=6 | dir=in | app=e:\media\pinnacle15\programs\studio.exe | 
"{CB25D87E-32EC-44A2-8C61-5FAD14825359}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{CBA5E694-E970-47F1-B05D-FCE5C4714FAC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\hwienbeck@clanland.de\counterstrike source beta\hl2.exe | 
"{CE76A938-EEB7-4067-9290-3706FFE87AC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{DAE9E890-F21B-45D6-AC2F-DCBE0BC89C5B}" = protocol=6 | dir=in | app=e:\media\pinnacle15\programs\rm.exe | 
"{E39EFDE2-C436-4242-81FA-A42237C1413C}" = protocol=17 | dir=in | app=e:\media\pinnacle15\programs\rm.exe | 
"{E4943167-05C7-4599-B081-01E442B0AC0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{E556CD7E-0BA2-4AF8-8CC3-F7F493025EEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E57F55E5-9CFB-40E7-BD55-8DF6CC2F32CC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\hwienbeck@clanland.de\counter-strike source\hl2.exe | 
"{F0E6BCFD-1DE8-4018-B15D-5B2E5AB39DCB}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | 
"{F46C745D-3598-47DA-8AEE-8F43D1FCCC19}" = protocol=17 | dir=in | app=c:\users\pac\appdata\roaming\dropbox\bin\dropbox.exe | 
"{F46D46B0-95EC-409C-97FB-8B49ED47B7B4}" = dir=in | app=e:\tools\skype\phone\skype.exe | 
"{F7CD70BB-C840-4175-BEAE-3A1FCE6941AD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"TCP Query User{0D1D5103-C80F-4575-832F-787CD7673714}E:\games\eadm\core.exe" = protocol=6 | dir=in | app=e:\games\eadm\core.exe | 
"TCP Query User{0FA4014E-047C-4723-9134-9235EECF5583}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{17739065-4943-47E1-876E-F80BCE6771B1}E:\tools\rsync\rsync\rsync.exe" = protocol=6 | dir=in | app=e:\tools\rsync\rsync\rsync.exe | 
"TCP Query User{2D489AB4-106B-48E0-A108-32F2FE4D50A1}E:\games\alarmstufe rot 3\data\ra3_1.12.game" = protocol=6 | dir=in | app=e:\games\alarmstufe rot 3\data\ra3_1.12.game | 
"TCP Query User{2FA91A5C-A48B-4969-88F5-0962F20E41CA}C:\users\pac\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=6 | dir=in | app=c:\users\pac\appdata\local\temp\electronicarts_patcher_000.exe | 
"TCP Query User{443E65CE-57D3-4D6B-BF49-0138966D76AB}D:\projekte\testumgebung\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=d:\projekte\testumgebung\xampp\mysql\bin\mysqld.exe | 
"TCP Query User{4FCF9B81-5588-48DB-9D4E-C1AB470379F6}F:\gepacktes\aoe2\aoe2\age_of_kings\empires2.exe" = protocol=6 | dir=in | app=f:\gepacktes\aoe2\aoe2\age_of_kings\empires2.exe | 
"TCP Query User{80ED95E6-1268-464B-BA9F-A86F79F193EB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{8227B431-C0F6-45E6-8053-8C22CDED8A3F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"TCP Query User{CA9B47CB-B5D1-477A-839B-C0AD3913FDFA}E:\games\eadm\core.exe" = protocol=6 | dir=in | app=e:\games\eadm\core.exe | 
"TCP Query User{DED9BB6F-E5D4-4298-BA9D-0012BE44BB5C}D:\projekte\testumgebung\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=d:\projekte\testumgebung\xampp\apache\bin\httpd.exe | 
"UDP Query User{041A0DF5-7A0D-4357-BF8D-1543950AB4ED}C:\users\pac\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=17 | dir=in | app=c:\users\pac\appdata\local\temp\electronicarts_patcher_000.exe | 
"UDP Query User{22E03189-5B5D-4285-B648-9BC68FB57A1B}F:\gepacktes\aoe2\aoe2\age_of_kings\empires2.exe" = protocol=17 | dir=in | app=f:\gepacktes\aoe2\aoe2\age_of_kings\empires2.exe | 
"UDP Query User{25FDE982-36F1-41DD-9577-E5CEFF903E39}D:\projekte\testumgebung\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=d:\projekte\testumgebung\xampp\mysql\bin\mysqld.exe | 
"UDP Query User{535A3148-DC7B-4E23-8367-A1598A47F323}E:\games\eadm\core.exe" = protocol=17 | dir=in | app=e:\games\eadm\core.exe | 
"UDP Query User{7B9F7EED-9843-4E3C-B185-48EBF304DAB3}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{87F6D60E-3031-46C0-BBB9-E2D7CBBA6289}E:\games\alarmstufe rot 3\data\ra3_1.12.game" = protocol=17 | dir=in | app=e:\games\alarmstufe rot 3\data\ra3_1.12.game | 
"UDP Query User{991EF628-D7FA-4387-B5BE-9141213C72AD}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"UDP Query User{E8BCD15B-39B5-41A5-AAA8-F3D1E692C109}D:\projekte\testumgebung\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=d:\projekte\testumgebung\xampp\apache\bin\httpd.exe | 
"UDP Query User{EF96E7F0-246B-4770-941F-45644E1145A0}E:\games\eadm\core.exe" = protocol=17 | dir=in | app=e:\games\eadm\core.exe | 
"UDP Query User{F052ACDF-8525-4C98-B215-3DDB990CA3DE}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{FD81AEB9-15C7-4678-B52E-2CBEEE11EAED}E:\tools\rsync\rsync\rsync.exe" = protocol=17 | dir=in | app=e:\tools\rsync\rsync\rsync.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C818871-6337-17AC-CA8C-A3942F15D92A}" = AMD Accelerated Video Transcoding
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{495ADF2E-6DDD-7C45-E02A-F9B4AF6F2175}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{54FFD5AC-7350-52B9-FB8F-1A8A6CF1FB5B}" = AMD Media Foundation Decoders
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D6DDB606-CD15-98C7-AA65-6B617EE8CDA5}" = ccc-utility64
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"CrypTool 2" = CrypTool 2.0 (Beta 7b - Build 4481.1)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{030C0401-52A9-BE86-D8A7-52C0DA203275}" = CCC Help Swedish
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}" = Adobe Premiere Pro CS5.5
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{283153BB-CEE6-EE9C-81E8-4350D73354BA}" = CCC Help Turkish
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39445575-7D3A-52AA-152B-7F9423D1AE69}" = CCC Help German
"{3C9A3282-9DAE-F492-13F4-6D4D664AC15F}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{52210D57-0B1F-4681-90DD-8659DF4BCC40}" = Moorhuhn Remake
"{5236FA8C-4B70-E30E-93EF-F7D3A5E468C7}" = CCC Help Greek
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{586F0E27-0BC5-34DE-AA0B-96D14397910E}" = CCC Help Russian
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5AF7EA0B-F009-CC00-E446-C2286AF80471}" = CCC Help Czech
"{5FC116F2-4508-A6FC-15FB-C64F05AB0F26}" = CCC Help Chinese Traditional
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{685ACA56-004C-4F80-2BC0-951BF278C03F}" = CCC Help Chinese Standard
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}" = Garmin WebUpdater
"{6D1AFFC2-AC60-BC3B-2DC9-0D80A1E9CB16}" = CCC Help Thai
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79CFDE3C-4602-85B2-ACF6-83D897B8B33A}" = CCC Help Korean
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{88B746D6-1956-4D98-BE82-46E45AAA5BC2}" = Garmin Training Center
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{8972B1C8-B899-0AA0-8596-BFC9AE3311F1}" = CCC Help Finnish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92BE4E1B-AEFD-DA72-B805-948290A4BB13}" = CCC Help Hungarian
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0081-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9526B61A-1C35-96D1-531B-C8DB1D36C336}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A295F81-04C8-FB18-2D1C-A33AA8A442CA}" = CCC Help French
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9DCBD16-308D-454E-A563-191673A51D52}" = MAGIX Speed burnR (MSI)
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AEDB01F3-380C-4BF8-BC8A-AB04AB9EB7D9}" = MAGIX Screenshare
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C8C8EF-77E0-1C0D-1CFA-A39E2E898311}" = CCC Help Italian
"{B5AD9952-F716-9862-7ED7-734E0328CF7C}" = Catalyst Control Center
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C0E69600-E8D1-784D-829C-788D91D65051}" = CCC Help Polish
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C37B1C57-DD9B-D1E0-B933-8EA8D56E2222}" = CCC Help Norwegian
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CA3A3F20-566B-ABB1-A541-3D93C0D09EE5}" = CCC Help Japanese
"{CB04D8E1-7B9C-4F35-B2E2-E87CBE520805}" = Adobe After Effects CS5.5
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C4485B-16EB-31A8-C2DE-D778E8E4628B}" = Catalyst Control Center Localization All
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DCA0A35D-30F1-4ED0-971F-5FFD2F60BB08}" = bcTester 4.8 (de)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0C6F271-FE15-B2D5-FF42-BCA40700DC51}" = CCC Help English
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E1D0A4DC-97BD-CE37-3E89-87D3337E55CA}" = CCC Help Dutch
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.18
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"{E6FA341F-8840-6B18-5BCE-C7CCEBDFE516}" = Catalyst Control Center Graphics Previews Common
"{E6FCE5FA-B7B7-4B7E-B4FB-A8929BC3FB0F}" = Print Server
"{ED15763E-A6ED-56D2-B0B5-C7D22D4CE248}" = CCC Help Portuguese
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB0F05FB-CA0A-4F62-9481-3CCA26A96294}" = Samplitude Music Studio 17
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Avira AntiVir Desktop" = Avira Free Antivirus
"Betfair Poker_is1" = Betfair Poker 1.0.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"EADM" = EA Download Manager
"ElsterFormular 12.4.0.7094p" = ElsterFormular
"ElsterFormular 2007 - 2008 NE 2007-2008" = ElsterFormular 2007 - 2008 NE
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.1
"Free Studio_is1" = Free Studio version 5.1.5
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"GSAK_is1" = GSAK 8.1.0.10 (Final)
"InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"MAGIX_MSI_ms17dlx" = Samplitude Music Studio 17
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Personal Backup 5_is1" = Personal Backup 5.3
"PokerStars" = PokerStars
"Steam App 10" = Counter-Strike
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Tunatic" = Tunatic
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"xampp" = XAMPP 1.7.4
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2514236319-2276680423-263640637-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Betfair Casino" = Betfair Casino
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.07.2012 19:25:04 | Computer Name = Pac-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe,
 Version: 11.3.300.257, Zeitstempel: 0x4fc82063  Name des fehlerhaften Moduls: unknown,
 Version: 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 
0xba1f0e00  ID des fehlerhaften Prozesses: 0x8a8  Startzeit der fehlerhaften Anwendung:
 0x01cd643e79077853  Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: a2c85409-d066-11e1-b91a-002215f280a8
 
Error - 18.07.2012 13:37:03 | Computer Name = Pac-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest- oder Richtliniendatei "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe" in Zeile 2.  Mehrere requestedPrivileges-Elemente
 sind nicht im Manifest zulässig.
 
Error - 19.07.2012 05:48:02 | Computer Name = Pac-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe,
 Version: 11.3.300.257, Zeitstempel: 0x4fc82063  Name des fehlerhaften Moduls: unknown,
 Version: 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 
0x00000000  ID des fehlerhaften Prozesses: 0x9d8  Startzeit der fehlerhaften Anwendung:
 0x01cd658c6eaa5c57  Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: d40da06e-d186-11e1-a19f-002215f280a8
 
Error - 19.07.2012 13:38:31 | Computer Name = Pac-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe,
 Version: 11.3.300.257, Zeitstempel: 0x4fc82063  Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll,
 Version: 11.3.300.257, Zeitstempel: 0x4fc821fc  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x000ccb60  ID des fehlerhaften Prozesses: 0xd98  Startzeit der fehlerhaften Anwendung:
 0x01cd65b5095eb482  Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
Berichtskennung:
 8e28b457-d1c8-11e1-b67b-002215f280a8
 
Error - 20.07.2012 14:28:16 | Computer Name = Pac-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest- oder Richtliniendatei "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe" in Zeile 2.  Mehrere requestedPrivileges-Elemente
 sind nicht im Manifest zulässig.
 
Error - 22.07.2012 08:10:56 | Computer Name = Pac-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest- oder Richtliniendatei "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe" in Zeile 2.  Mehrere requestedPrivileges-Elemente
 sind nicht im Manifest zulässig.
 
Error - 23.07.2012 17:45:30 | Computer Name = Pac-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe,
 Version: 11.3.300.257, Zeitstempel: 0x4fc82063  Name des fehlerhaften Moduls: ole32.dll,
 Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x000c8f4d  ID des fehlerhaften Prozesses: 0xad8  Startzeit der fehlerhaften Anwendung:
 0x01cd6913aa653761  Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll  Berichtskennung: b8476bb0-d50f-11e1-8547-002215f280a8
 
Error - 25.07.2012 11:28:30 | Computer Name = Pac-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest- oder Richtliniendatei "E:\Tools\Skype\Toolbars\Internet
 Explorer\SkypeIEPluginBroker.exe" in Zeile 2.  Mehrere requestedPrivileges-Elemente
 sind nicht im Manifest zulässig.
 
Error - 26.07.2012 17:51:14 | Computer Name = Pac-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pac\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 26.07.2012 17:51:16 | Computer Name = Pac-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pac\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ Media Center Events ]
Error - 20.09.2011 14:26:00 | Computer Name = Pac-PC | Source = MCUpdate | ID = 0
Description = 20:26:00 - Fehler beim Herstellen der Internetverbindung.  20:26:00 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.09.2011 14:26:34 | Computer Name = Pac-PC | Source = MCUpdate | ID = 0
Description = 20:26:29 - Fehler beim Herstellen der Internetverbindung.  20:26:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ OSession Events ]
Error - 09.03.2012 13:29:26 | Computer Name = Pac-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 26.07.2012 14:24:43 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 26.07.2012 14:24:43 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 26.07.2012 14:24:43 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 26.07.2012 14:29:43 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 26.07.2012 14:29:43 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 26.07.2012 14:29:43 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 26.07.2012 17:31:47 | Computer Name = Pac-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 26.07.2012 17:31:47 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Installer erreicht.
 
Error - 26.07.2012 17:31:47 | Computer Name = Pac-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Installer" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 26.07.2012 18:44:18 | Computer Name = Pac-PC | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         
Ich hoffe, dass ich aufmerksam mitgelesen habe und dies schonmal die ersten richtigen Schritte sind. Ab hier bin ich dann allerdings auch auf Mithilfe angewiesen und sag im voraus schon mal ein großes

Einen schönen sonnigen Tag und beste Grüße
Pac

 

Themen zu Live Security Platinum Befall
7-zip, adobe after effects, antivir, autorun, avg, avira, bho, bonjour, desktop, downloader, error, firefox, flash player, format, google earth, helper, install.exe, langs, mozilla, msimg32.dll, newheur_pe virus, object, office 2007, pdfforge toolbar, plug-in, realtek, registry, richtlinie, rundll, searchscopes, security, senden, software, svchost.exe, trojan.delf, udp, virus




Ähnliche Themen: Live Security Platinum Befall


  1. troj zero acces in: Live Security Platinum und Microsoft\Security Center|
    Log-Analyse und Auswertung - 10.12.2012 (7)
  2. Live Security Platinum
    Log-Analyse und Auswertung - 28.09.2012 (8)
  3. Live Security Platinum 3.6.1
    Plagegeister aller Art und deren Bekämpfung - 21.09.2012 (3)
  4. Live Security Platinum
    Log-Analyse und Auswertung - 12.09.2012 (2)
  5. Live Security Platinum 3.6.1
    Plagegeister aller Art und deren Bekämpfung - 05.09.2012 (19)
  6. Live Security Platinum
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (3)
  7. Check nach "Live Security Platinum"-Befall
    Log-Analyse und Auswertung - 14.08.2012 (1)
  8. live security platinum
    Plagegeister aller Art und deren Bekämpfung - 11.08.2012 (23)
  9. Live Security Platinum - Befall
    Log-Analyse und Auswertung - 08.08.2012 (29)
  10. Live Security Platinum
    Log-Analyse und Auswertung - 04.08.2012 (5)
  11. Live Security Platinum
    Plagegeister aller Art und deren Bekämpfung - 03.08.2012 (1)
  12. Live Security Platinum
    Log-Analyse und Auswertung - 27.07.2012 (5)
  13. Nach Befall von Live Security Platinum unter Vista
    Log-Analyse und Auswertung - 26.07.2012 (1)
  14. Live Security Platinum - Befall
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  15. Live Security Platinum Befall?
    Log-Analyse und Auswertung - 18.07.2012 (3)
  16. Logfiles von Live Security Platinum Trojaner mit Rootkit.0Access Befall
    Log-Analyse und Auswertung - 17.07.2012 (5)
  17. live security platinum
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (1)

Zum Thema Live Security Platinum Befall - Hallo liebe Forengemeinde, auch bei mir hat sich das hölzerne Pferd "Live Security Platinum" eingeschlichen und mir erstmal einen gehörigen Schreck eingejagt! Die üblichen Probleme und wenig Brauchbares im Netz - Live Security Platinum Befall...
Archiv
Du betrachtest: Live Security Platinum Befall auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.