Nachdem ich vor einiger Zeit auf unbekannten Internetseiten mit Firefox unterwegs war (kann schon ein Monat her sein, hab mich seit dem noch nicht weiter drum gekümmert), ist mein Laptop plötzlich total langsam geworden. Habs dann erst mal mit einem Neustart durch gedrückt-halten der POWER-taste versucht, danach konnte ich ihn ein paar mal nicht hochfahren, weil er bei dem "Willkommen"-Bildschirm hängen geblieben ist. Beim dritten mal hats dann seitdem geklappt, allerdings ist er immer noch total langsam geblieben... (Braucht Minuten um kleinste Programme zu öffnen, hängt dir Programme oft auf, wenn man auf eine Schaltfläche drückt etc.)
WLAN funktioniert meistens.
Habe dann die Virussoftware von Windows heruntergeladen (ka wie ich das noch geschafft habe - ne menge Geduld )
Hatte vorher die kostenlose Version von AVG.
AVG kann ich weder deinstallieren noch aktualisieren (ist noch die 2012er Version..)

Hilfe?

DANKE,
VHSK

Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst.

Ich bedanke mich für deine Geduld

Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich.

Zitat:

Lesestoff:
Regeln für die Bereinigung
Damit die Bereinigung funktioniert bitte ich dich, die folgenden Punkte aufmerksam zu lesen:

• Bitte arbeite alle Schritte der Reihe nach ab. Gib mir bitte zu jedem Schritt Rückmeldung (Logfile oder Antwort).
• Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
• Bitte kein Crossposting (posten in mehreren Foren).
• Installiere oder Deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
• Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
• Poste die Logfiles direkt in deinen Thread (möglichst in Code-Tags). Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.
• Mache deinen Namen nur dann unkenntlich, wenn es unbedingt sein muss.
• Sollte ich nicht nach 3 Tagen geantwortet haben, dann (und nur dann) schicke mir bitte eine PM.
• Eine Bitte: Mache bitte solange mit, bis ich oder ein anderer Helfer dir mitteilt, dass du "sauber" bist. Das gebietet alleine schon die Höflichkeit und ein Verschwinden der Symptome bedeutet nicht, dass die Schädlinge auch wirklich alle entfernt wurden.
• Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.

Wenn du das alles gelesen und verstanden hast, kannst du loslegen!

Schritt 1:
Laufwerksemulationen abschalten mit Defogger

Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop und starte es:

• Klicke nun auf den Disable Button, um die Treiber gewisser Emulatoren zu deaktivieren.
• Defogger wird dich fragen "Defogger will forcefully ... Continue?" bestätige dies mit Ja.
• Wenn der Scan beendet wurde (Finished), klicke auf OK.
• Defogger fordert gegebenfalls zum Neustart auf. Bestätige dies mit OK.

Poste bitte die defogger_disable.txt von deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung.

Schritt 2:
Customscan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Starte bitte die OTL.exe.
• Stelle sicher, dass "Alle Benuzter Scannen" angehakt ist!
• Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code: Alles auswählenAufklappen

ATTFilter

activex
netsvcs
msconfig
drivers32
safebootminimal
safebootnetwork
%SYSTEMDRIVE%\*.
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.exe
%PROGRAMFILES(X86)%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /10
%appdata%\*. 
%appdata%\*.* 
%appdata%\*.exe /s
%localappdata%\*. 
%localappdata%\*.*
%localappdata%\*.exe /s
%allusersprofile%\*. 
%allusersprofile%\*.*
%allusersprofile%\*.exe /s
CREATERESTOREPOINT
         

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread (möglichst in CODE-Tags)

Schritt 3:
Scan mit dem TDSS-Killer

Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe
• Klicke auf Change parameters, setze einen Haken bei Detect TDLFS file system und bestätige mit OK.
• Drücke Start Scan
• Warnung:
  Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
  Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

Vielen Dank schonmal für die Hilfe, das ist echt ein toller Service! Bevor ich jedoch unnötigen Aufwand verursache: Was passiert bei der Formatierung mit meinen a) Daten b) istallierten Programmen c) Einstellungen bzw. welche Möglichkeiten gibt es, sie wieder herzustellen? (Wo liegt der unterschied zur Systemwiederherstellung?)

Die beschriebene Anleitung gestaltet sich nämlich schon jetzt sehr schwierig, da ich nicht einmal einen Browser geöffnet bekomme...

Tag.

Formatierung ... ganz einfach - ALLES futsch.
Systemwiederherstellung setzt dich auf einen alten Zustand zurück, allerdings nur, wenn auch ein Wiederherstellungpunkt da ist. Das macht auch nur Sinn, wenn dieser frühere Zeitpunkt schädlingsfrei ist.

Wenn du Neuaufsetzen willst, dann sollltest du vorher alle Daten sichern. Danach kannst du deine Programme alle wieder installieren und deine Einstellungen vornehmen.

Wir haben aber gute Chancen, deinen Rechner auch ohne das sauber zu bekommen. Es liegt an dir

Nun gut, dann versuch ich das wohl mal

Mit ewiger Geduld: Die Datei des ersten Schrittes...

Hier ein paar Tipps zwischendurch, die dir vielleicht helfen:

• Wenn es zeitlich am Herunterladen deiner Daten liegt, dann lade dir die Tools in der Nachbarschaft auf einen USB-Stick.
• Ich habe es oft erlebt, dass so ein Laptop auch einfach nur gestreikt hat, weil er einfach verdreckt war. Staubsauger nehmen, auf geringste Stufe schalten und mal die Lüftungsschlitze vorsichtig ansaugen. Gelegentlich hilft das.

Zitat:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Hmm, hört sich komisch an (mit dem verdrecken) aber ich probiers mal... Lohnt sich ein oberflächliches auseinanderschrauben?

War das log-file aus Schritt 1 denn jetzt in Ordnung oder soll ich es nochmal als Code-Tag posten? (Außerdem hat es mich gewundert, dass der scan als log-file ausgespuckt wurde und nicht wie oben beschrieben als txt.. und nach einem Neustart wurde ich ebenfalls nicht gefragt)

Beim Quick-Scan des zweiten Schrittes trat nun zum zweiten mal das Problem auf, dass sich das Programm (nach längerer Wartezeit; bin zwischendurch weggegangen) aufgehängt hat. In der Statusleiste stand dann glaube ich immer, dass es nach der OTL-Datei sucht..

LG

OK,Schritt 2 hat nun auch funktioniert (zwischendurch hat sich nur leider AVG kurz geöffnet, falls das ein Problem ist).

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 11/3/2012 8:48:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vincent\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.80 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 63.87% Memory free
7.60 Gb Paging File | 6.04 Gb Available in Paging File | 79.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 296.09 Gb Total Space | 223.05 Gb Free Space | 75.33% Space Free | Partition Type: NTFS
 
Computer Name: LIFEBOOK-A530 | User Name: Vincent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06517A4C-6C62-401A-8E91-D41A09061C6F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{0D4D04C0-CA38-490E-90F6-32FBA94A1686}" = rport=445 | protocol=6 | dir=out | app=system | 
"{189D8DB0-7017-48F0-828B-06E4AEF97ACC}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{1A6DA632-8932-4D8E-821D-B4D1D0EB9B30}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2132BBD5-4FA7-42DE-BF76-E44921B89E4D}" = lport=137 | protocol=17 | dir=in | app=system | 
"{27E3F124-2E6B-43EA-9F07-74B0C6E348B6}" = lport=139 | protocol=6 | dir=in | app=system | 
"{40F719D8-2B6F-4BB2-B0C4-08337FF9C32E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{4433C892-845A-49DA-A4DF-FD0322FEAEC8}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{5DA860F1-C8EE-47AD-A6C3-911BEBEF3C4F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{611A57EC-60D8-4D91-926B-C6595C84A21F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{6698C6A4-F783-4EB3-B106-7D9E79112799}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7439BCE0-9A22-4CB7-BBA2-851354B7EC62}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{874C2793-B1C9-47B3-BF3C-5B41C02251D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8980F0A2-DBBA-4D81-9C72-9FD722019A6D}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{9F9CEE7C-26A8-4BA0-95CF-B26724FA62B4}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A295289A-E42B-4C33-B829-9961676B8BF0}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A81510E5-5DD8-40B1-9BAE-F4D7CF24EAF2}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C3C1F8C7-38F2-419A-8E37-2D59974BA88F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C78DC077-C570-45EC-8146-C4684D13D2C8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{CA21798B-A6AF-4730-B5F1-8D4358946E63}" = lport=138 | protocol=17 | dir=in | app=system | 
"{DA5B0E84-A825-4EB9-9E13-DB7FE1F59065}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{EABC39CB-4550-41E8-A471-C5DFBCCD9C31}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EDC4FD74-D797-49B5-A34B-692B957DB9D7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C1C032-0883-446A-8BCF-DF462821DC55}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{0AD0DCDB-819A-4947-8262-64EF4F99846D}" = protocol=6 | dir=in | app=c:\users\vincent\desktop\sweetimsetup.exe | 
"{0B5802DD-886F-45E7-A341-BCFF65F6441D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{1093DFD5-CC11-47D4-8CAD-5CDBEF232F34}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{13215DB6-A62F-4B08-8931-6FF5B2BB68A6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{159ABDEF-7F19-44DD-8A33-9E292C437AC1}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"{2026BF00-D9A4-402C-938D-D4BFB905E9AE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{20D62634-1E32-4E0A-BF4C-1E5FF5ED234D}" = protocol=17 | dir=in | app=%systemroot%\ehome\ehrecvr.exe | 
"{27260019-4DD6-47AE-ABEE-99BFEE347202}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{35976CAF-E766-43A6-8395-9FD8A9D9E0DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{36338240-1977-4088-B359-0F67656D1B0F}" = protocol=6 | dir=in | app=c:\users\vincent\appdata\local\temp\{647c2ccb-a717-4603-947e-039f2a08da37}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{3664ACE6-E3FA-4DC3-9C07-30892047C849}" = protocol=6 | dir=in | app=c:\users\vincent\appdata\local\temp\{d1158f1a-5eb4-4501-89a6-438fb21a8372}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{3C75CD9B-81A5-42C7-8530-6C7BDD40C89D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{3CF68B69-038F-481D-97D7-FEFC2FD12128}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{46646A5B-D64E-4A76-9827-4C7D64531597}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{497F90FA-611D-4026-9AA8-E0C9EEF31A84}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{49CC37CD-3C21-4A54-A5FA-0CE27C40483D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{52D66D02-F132-4A57-ACC9-4FF2A650FBAA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{5765022D-2F79-4A84-B8D6-8F596988475D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{57A47E5E-09FF-4929-A9A3-ECA7B3584D71}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{57D089F5-3FC8-4A10-9020-D3A91D09D9F0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{59F45786-0DEA-4AE5-AD45-F2B84050AB75}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{622D4B97-D6CD-482B-A2C1-AFD0F64A7D22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{69C1A01D-3523-4C35-8D2C-431957FF2CE4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6ED1C449-E0F2-4DD4-B0E3-A257549483AF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{7176E071-36B3-47C9-9945-8307B085985E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{73B42F76-F65E-4472-A072-8A54223CC8F5}" = protocol=17 | dir=in | app=c:\users\vincent\appdata\local\temp\{647c2ccb-a717-4603-947e-039f2a08da37}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{7A19A85D-8BBA-4861-97F3-617AA6100071}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{7A393B44-49A2-4876-ADD9-E8A3C9CB02F9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{82E08060-38E9-4053-BF81-F660A2872D2E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{89F245F0-1458-42B7-98C7-D977D96CF217}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{8A659294-1FBB-4C69-97C3-80A912101611}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{8AA5E584-1D4B-4E0C-B79D-18F07618A9A3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{93F1003D-20A4-4FBD-B2C3-E667DE002A4B}" = protocol=17 | dir=in | app=c:\users\vincent\appdata\local\temp\{d1158f1a-5eb4-4501-89a6-438fb21a8372}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{9B53B5C5-5AA8-4423-A15E-FB8C36236F41}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9F42DAC9-660E-4563-866C-0370D542CC18}" = protocol=17 | dir=in | app=c:\users\vincent\desktop\sweetimsetup.exe | 
"{A3D41685-6C58-4B81-AD45-2CD4CFF59C90}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{A61DA92F-7831-4C50-8034-58CBB3A80C12}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{A6850111-69D5-4520-92CA-389305178939}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{A9891DC5-F5F6-43EF-9B27-3517B586E14B}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{AD235DBC-005A-492E-BEEF-E1E93E0A1825}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{AF81C081-5377-4412-9512-06EDB30FEFB8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{B177303D-FBB6-4F93-BB13-D186F19A77EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B4322779-792A-4F88-AC80-71E399150963}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{B6FA54D5-8687-44DE-BEEC-5F1517C48961}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{B7401956-407C-45AC-8C65-B35F81B13860}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{C5509975-6EFF-4191-854E-45B9589DD647}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{C90FD16F-3F11-4C19-80C1-6448E520E3F0}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"{CEBE9BA4-CA4E-4C78-9EE8-8E3A9DFD6EC4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{D7648C10-E760-4C08-B372-996F65B7D1F0}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{EFC094D4-E472-44A0-ACA3-614D15B99A6E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FAABA204-DAB7-45D1-96DA-F482DE35F973}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{FDAD937D-9C91-4C70-944A-4FB24FCB7D78}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{FDD1009F-1850-43BF-922A-BB8CE182A292}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"TCP Query User{13B5036F-F339-42A0-A6EE-4C986598335A}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"TCP Query User{26F06863-0D0D-455A-85D7-F32B4759C23E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{280F676B-F521-4BF6-ACD3-DF2E2DBB8A76}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | 
"TCP Query User{45C08922-DA64-414F-A827-50A42D9D9B5E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{54505BE6-0981-41DA-9D07-FD75AA6CDC85}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | 
"TCP Query User{773E7A3D-6CFB-469F-97A7-B733EC864A5B}C:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"TCP Query User{A579DA36-5929-4E81-A5C5-0AAB898A1AD0}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{AC9EB357-C78C-47A5-8645-16AE16CDC51D}C:\program files (x86)\remote pc server 1.0.3\remote pc server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\remote pc server 1.0.3\remote pc server.exe | 
"TCP Query User{D49802FF-FE1E-432B-B951-0BA81A47C257}C:\users\vincent\desktop\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe" = protocol=6 | dir=in | app=c:\users\vincent\desktop\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe | 
"TCP Query User{ED168340-BD23-47B1-BE6F-A30E263ED341}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{0162079E-1312-47B3-BB03-C6F8265E21E7}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | 
"UDP Query User{25041549-4572-496B-9D19-91E6A7657ABB}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{5B781ED9-127D-4D52-9666-E59A1FF480DE}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{6652DC9F-93CA-45B9-AE98-6249763374C5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{67EE5049-946F-49AD-9637-4310DA1C49A7}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{74677C3C-0E30-48A6-9BD4-8B6CE8D47555}C:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"UDP Query User{7D32C4C9-1F24-421E-8624-9D2AEB7E2EA5}C:\program files (x86)\remote pc server 1.0.3\remote pc server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\remote pc server 1.0.3\remote pc server.exe | 
"UDP Query User{D4A3252C-A317-40B2-97D0-9501B2741358}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{E17C3877-9178-494F-87CC-2AA065AAC87E}C:\users\vincent\desktop\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe" = protocol=17 | dir=in | app=c:\users\vincent\desktop\teeworlds-b122-r50edfd37-win32\teeworlds_srv.exe | 
"UDP Query User{E281E767-EC38-4D82-AE29-E130A0F4929D}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{344C0D46-2EF4-4BC8-AE03-3DACDA9B9485}" = AVG 2012
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{41B19F41-8A6F-4422-AD69-CF3B408F382C}" = AVG 2012
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2F4C332-2359-4ADE-AF0C-C631768BBB89}" = Bluetooth Feature Pack 5.0
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B7C6A943-83E0-4E7F-A79A-C5CBAA60B0F5}" = Plugfree NETWORK
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PanoramaStudio2SE" = PanoramaStudio 2.3 SE ((deinstallieren))
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}" = Synaptics Gesture Suite featuring SYNAPTICS | Scrybe
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}" = Media Go Video Playback Engine 1.88.114.12060
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.5.3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8ABEEC21-B23C-4610-B57A-BE94345D4096}" = Audials
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}" = Media Go
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F9000000-0015-0000-0000-074957833700}" = ABBYY Screenshot Reader
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Photo Commander 9_is1" = Ashampoo Photo Commander 9 v.9.4.3
"DeskUpdate_is1" = DeskUpdate 4.13
"EyeTV DTT Deluxe (2009) v2.00.02.8754" = EyeTV DTT Deluxe (2009) v2.00.02.8754
"EyeTV Netstream Service" = EyeTV Netstream for Windows Media Center
"Graph_is1" = Graph 4.3
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"Lion_is1" = Lion 3.1.0
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 15.0.1 (x86 de)" = Mozilla Thunderbird 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"Opera 11.62.1347" = Opera 11.62
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 2.0.2
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/5/2012 2:04:59 PM | Computer Name = Lifebook-A530 | Source = Application Hang | ID = 1002
Description = Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 17b0    Startzeit: 01cda308dabb3e0d    Endzeit: 16    Anwendungspfad:
 C:\Windows\explorer.exe    Berichts-ID: fa3e62b3-0f16-11e2-8118-e0ca945063e8  
 
Error - 10/5/2012 2:17:09 PM | Computer Name = Lifebook-A530 | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/8/2012 6:38:27 AM | Computer Name = Lifebook-A530 | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/8/2012 9:36:02 AM | Computer Name = Lifebook-A530 | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 87c    Startzeit: 01cda4dd16c4f825    Endzeit: 31    Anwendungspfad: 
C:\Windows\Explorer.EXE    Berichts-ID: 5cfcd00f-114b-11e2-be67-e0ca945063e8  
 
Error - 10/8/2012 11:37:16 AM | Computer Name = Lifebook-A530 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fixcfg.exe, Version: 12.0.0.2111,
 Zeitstempel: 0x4f39b817  Name des fehlerhaften Moduls: avgsysx.dll, Version: 12.0.0.2111,
 Zeitstempel: 0x4f39da45  Ausnahmecode: 0xc0000006  Fehleroffset: 0x00022474  ID des fehlerhaften
 Prozesses: 0xed8  Startzeit der fehlerhaften Anwendung: 0x01cda556c25fed63  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\AVG\AVG2012\fixcfg.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\AVG\AVG2012\avgsysx.dll  Berichtskennung: 09923cb0-115e-11e2-be67-e0ca945063e8
 
Error - 10/8/2012 11:37:17 AM | Computer Name = Lifebook-A530 | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei "C:\ProgramData\AVG2012\Cfg\update.cfg"
 zugegriffen werden:  Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger
 mit der gespeicherten Datei bzw. den auf dem Computer installierten  Speichertreibern,
 oder der Datenträger fehlt.  Das Programm AVG Configuration Repair Tool wurde wegen
 dieses Fehlers geschlossen.    Programm: AVG Configuration Repair Tool  Datei: C:\ProgramData\AVG2012\Cfg\update.cfg

Der
 Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.  Benutzeraktion  1. 
Öffnen Sie die Datei erneut.  Diese Situation ist eventuell ein temporäres Problem,
 das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.  2.  Wenn
 Sie weiterhin nicht auf die Datei zugreifen können und   - diese sich im Netzwerk 
befindet,   dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem
 besteht und dass eine Verbindung mit dem Server hergestellt werden kann.   - diese
 sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet,
 überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.  3. Überprüfen
 und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu
 im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben
 Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4.
 Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin
 besteht.  5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet
 werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
   Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, 
um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.    Zusätzliche
 Daten  Fehlerwert: C0000185  Datenträgertyp: 3
 
Error - 10/14/2012 5:26:42 AM | Computer Name = Lifebook-A530 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fixcfg.exe, Version: 12.0.0.2111,
 Zeitstempel: 0x4f39b817  Name des fehlerhaften Moduls: avgsysx.dll, Version: 12.0.0.2111,
 Zeitstempel: 0x4f39da45  Ausnahmecode: 0xc0000006  Fehleroffset: 0x00022474  ID des fehlerhaften
 Prozesses: 0x88c  Startzeit der fehlerhaften Anwendung: 0x01cda5727f1cdc53  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\AVG\AVG2012\fixcfg.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\AVG\AVG2012\avgsysx.dll  Berichtskennung: 43507ee0-15e1-11e2-be67-e0ca945063e8
 
Error - 10/14/2012 5:26:42 AM | Computer Name = Lifebook-A530 | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei "C:\ProgramData\AVG2012\Cfg\update.cfg"
 zugegriffen werden:  Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger
 mit der gespeicherten Datei bzw. den auf dem Computer installierten  Speichertreibern,
 oder der Datenträger fehlt.  Das Programm AVG Configuration Repair Tool wurde wegen
 dieses Fehlers geschlossen.    Programm: AVG Configuration Repair Tool  Datei: C:\ProgramData\AVG2012\Cfg\update.cfg

Der
 Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.  Benutzeraktion  1. 
Öffnen Sie die Datei erneut.  Diese Situation ist eventuell ein temporäres Problem,
 das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.  2.  Wenn
 Sie weiterhin nicht auf die Datei zugreifen können und   - diese sich im Netzwerk 
befindet,   dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem
 besteht und dass eine Verbindung mit dem Server hergestellt werden kann.   - diese
 sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet,
 überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.  3. Überprüfen
 und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu
 im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben
 Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4.
 Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin
 besteht.  5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet
 werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
   Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, 
um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.    Zusätzliche
 Daten  Fehlerwert: C0000185  Datenträgertyp: 3
 
Error - 10/14/2012 10:28:01 AM | Computer Name = Lifebook-A530 | Source = System Restore | ID = 8193
Description = 
 
Error - 10/14/2012 11:49:15 AM | Computer Name = Lifebook-A530 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000004e4b4
ID
 des fehlerhaften Prozesses: 0x11ac  Startzeit der fehlerhaften Anwendung: 0x01cda9ea752a6f07
Pfad
 der fehlerhaften Anwendung: C:\Windows\explorer.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: b4648361-1616-11e2-be67-e0ca945063e8
 
[ Media Center Events ]
Error - 1/29/2012 11:08:18 AM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 16:08:09 - Fehler beim Herstellen der Internetverbindung.  16:08:09 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 1/30/2012 1:55:44 PM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 18:55:43 - Directory konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten)  
 
Error - 4/4/2012 8:25:19 AM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 14:25:17 - Fehler beim Herstellen der Internetverbindung.  14:25:18 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 4/4/2012 9:25:24 AM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 15:25:23 - Fehler beim Herstellen der Internetverbindung.  15:25:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 4/4/2012 10:25:28 AM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 16:25:28 - Fehler beim Herstellen der Internetverbindung.  16:25:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 4/4/2012 5:07:40 PM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 23:07:40 - Fehler beim Herstellen der Internetverbindung.  23:07:40 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/20/2012 12:16:58 AM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 06:16:58 - Fehler beim Herstellen der Internetverbindung.  06:16:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/20/2012 12:17:23 AM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 06:17:23 - Fehler beim Herstellen der Internetverbindung.  06:17:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/20/2012 12:17:31 AM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 06:17:28 - Fehler beim Herstellen der Internetverbindung.  06:17:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/22/2012 8:17:12 PM | Computer Name = Lifebook-A530 | Source = MCUpdate | ID = 0
Description = 02:17:12 - Fehler beim Herstellen der Internetverbindung.  02:17:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 10/22/2012 3:13:10 AM | Computer Name = Lifebook-A530 | Source = DCOM | ID = 10010
Description = 
 
Error - 10/22/2012 3:24:49 AM | Computer Name = Lifebook-A530 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst avgwd erreicht.
 
Error - 10/22/2012 3:24:50 AM | Computer Name = Lifebook-A530 | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
Error - 10/22/2012 3:26:15 AM | Computer Name = Lifebook-A530 | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 10/22/2012 3:54:16 AM | Computer Name = Lifebook-A530 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst avgwd erreicht.
 
Error - 10/22/2012 3:55:23 AM | Computer Name = Lifebook-A530 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst MsMpSvc erreicht.
 
Error - 10/22/2012 4:00:56 AM | Computer Name = Lifebook-A530 | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.137.1929.0     Aktualisierungsquelle: 
%%859     Aktualisierungsphase: %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: 
%%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:
      Vorherige Modulversion: 1.1.8800.0     Fehlercode: 0x8024402c     Fehlerbeschreibung: Unerwartetes
 Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
 oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
 
Error - 10/22/2012 4:04:20 AM | Computer Name = Lifebook-A530 | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

	Neue
 Signaturversion:      Vorherige Signaturversion: 1.137.1929.0     Aktualisierungsquelle: 
%%859     Aktualisierungsphase: %%852     Quellpfad: hxxp://www.microsoft.com     Signaturtyp: 
%%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\SYSTEM     Aktuelle Modulversion:
      Vorherige Modulversion: 1.1.8800.0     Fehlercode: 0x8024402c     Fehlerbeschreibung: Unerwartetes
 Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
 oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
 
Error - 10/22/2012 4:15:22 AM | Computer Name = Lifebook-A530 | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 10/22/2012 10:16:07 PM | Computer Name = Lifebook-A530 | Source = ipnathlp | ID = 31004
Description = 
 
 
< End of report >
         

Teil 2 folgt

Bis hier hin alles in Ordnung?

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 11/3/2012 8:48:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vincent\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.80 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 63.87% Memory free
7.60 Gb Paging File | 6.04 Gb Available in Paging File | 79.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 296.09 Gb Total Space | 223.05 Gb Free Space | 75.33% Space Free | Partition Type: NTFS
 
Computer Name: LIFEBOOK-A530 | User Name: Vincent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/11/01 23:38:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vincent\Desktop\OTL.exe
PRC - [2012/09/10 20:26:59 | 006,035,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
PRC - [2012/08/24 14:44:42 | 000,878,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgcmgr.exe
PRC - [2012/08/07 02:39:46 | 004,370,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgui.exe
PRC - [2012/07/31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/25 10:28:02 | 000,101,288 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/11/24 16:31:18 | 001,837,568 | ---- | M] (TerraTec Electronic GmbH) -- C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe
PRC - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2009/11/01 17:04:48 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/11/01 17:04:42 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/10/09 21:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009/10/08 20:44:54 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/09/15 09:49:38 | 000,766,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\ca507030bb77d2c58f5cebca8b4de7f0\log4net.ni.dll
MOD - [2012/09/15 09:49:38 | 000,117,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeskUpdateNotifier\82cf810ac24ee22f99a0a1a7a752947c\DeskUpdateNotifier.ni.exe
MOD - [2012/06/15 20:27:06 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/15 20:26:56 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/15 17:06:10 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/15 17:06:06 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/15 17:06:04 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/15 17:05:59 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/23 17:14:38 | 000,330,240 | ---- | M] (FUJITSU LIMITED) [On_Demand | Stopped] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2009/12/24 12:43:40 | 000,145,840 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService)
SRV:64bit: - [2009/07/30 10:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 13:24:08 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 00:13:37 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2010/09/13 12:58:24 | 000,399,944 | ---- | M] (Elgato Systems GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe -- (EyeTV Netstream)
SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/01 17:04:48 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/11/01 17:04:42 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/16 16:18:17 | 000,759,072 | ---- | M] (ABBYY (BIT Software)) [Disabled | Stopped] -- C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.ScreenshotReader.9.0)
SRV - [2008/07/04 11:52:18 | 000,014,336 | ---- | M] (Vodafone) [Disabled | Stopped] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/24 14:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 02:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/19 03:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 03:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/01/03 16:28:54 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012/01/03 16:28:47 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012/01/03 16:28:47 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2011/12/23 12:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 12:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 12:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/08/02 15:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/03/31 18:32:00 | 001,424,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/12 08:09:08 | 000,131,144 | ---- | M] (ABILIS Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AbilisBdaTuner.sys -- (AbilisT)
DRV:64bit: - [2010/03/04 21:43:00 | 000,346,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/12/18 11:38:56 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/11/27 05:15:00 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/11/06 12:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/11/01 17:04:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/10/26 12:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/14 01:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/03/17 10:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2006/11/01 17:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 17:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {916F2051-FF46-4C6C-B0CC-5621E68CBCFE}
IE:64bit: - HKLM\..\SearchScopes\{916F2051-FF46-4C6C-B0CC-5621E68CBCFE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG
IE - HKLM\..\SearchScopes,DefaultScope = {916F2051-FF46-4C6C-B0CC-5621E68CBCFE}
IE - HKLM\..\SearchScopes\{916F2051-FF46-4C6C-B0CC-5621E68CBCFE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com
IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\..\SearchScopes,DefaultScope = {916F2051-FF46-4C6C-B0CC-5621E68CBCFE}
IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\..\SearchScopes\{72C07153-7FE4-4370-A10E-899B5605130B}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/10 20:30:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 14:56:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 00:13:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/08/29 20:08:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 00:13:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/12/25 22:02:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vincent\AppData\Roaming\mozilla\Extensions
[2012/11/01 16:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vincent\AppData\Roaming\mozilla\Firefox\Profiles\9u0eqmus.default\extensions
[2012/11/01 16:19:41 | 000,048,118 | ---- | M] () (No name found) -- C:\Users\Vincent\AppData\Roaming\mozilla\firefox\profiles\9u0eqmus.default\extensions\GlassMyFox@ArisT2_Noia4dev.xpi
[2012/02/20 10:55:37 | 000,003,915 | ---- | M] () -- C:\Users\Vincent\AppData\Roaming\mozilla\firefox\profiles\9u0eqmus.default\searchplugins\sweetim.xml
[2012/09/12 22:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/09/07 00:13:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/12 22:52:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/07/03 14:56:25 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/09/07 00:13:38 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/06 22:34:59 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/09/06 22:34:59 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/06 22:34:59 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/09/06 22:34:59 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/09/06 22:34:59 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/09/06 22:34:59 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Wetter (Erweiterung) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.0_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\.orig
CHR - Extension: Regentropfen(Non-Aero) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpagcfbbmlebfnkeogkigellbgmfkjfg\1.0.0.2_0\
CHR - Extension: AdBlock = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: AVG Safe Search = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: Smooth Scrollerator = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmicgfcegednlkdhgbhgickcgndjeeig\1.1.1_0\
CHR - Extension: AVG Do Not Track = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BthSyncServ] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe" File not found
O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [CSRBIP] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBipPushResponder.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [CSRFTP] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DeskUpdateNotifier] C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000..\Run: [ABBYY Screenshot Reader Retail]  File not found
O4 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000..\Run: [Remote Control Editor] C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoHotkey.ahk - Verknüpfung.lnk = C:\Users\Vincent\Documents\Library\AutoHotkey.ahk ()
O4 - Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynTPEnh.exe (Synaptics Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F44BEA7-67FF-46D6-A274-D71A7952D06B}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F70A030-AB0A-40A3-848F-93F0CB9B9048}: DhcpNameServer = 10.129.32.1 10.111.81.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9B66E02-0BE1-4EBD-AA23-CCB8CBC5B727}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8ec7cabf-2f68-11e1-83af-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8ec7cabf-2f68-11e1-83af-806e6f6e6963}\Shell\AutoRun\command - "" = F:\tools\shelexec.exe html\index.htm
O33 - MountPoints2\{aca35bed-ee1f-11e1-9d8d-e0ca945063e8}\Shell - "" = AutoRun
O33 - MountPoints2\{aca35bed-ee1f-11e1-9d8d-e0ca945063e8}\Shell\AutoRun\command - "" = D:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aca35bf4-ee1f-11e1-9d8d-e0ca945063e8}\Shell - "" = AutoRun
O33 - MountPoints2\{aca35bf4-ee1f-11e1-9d8d-e0ca945063e8}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpReg: ABBYY Screenshot Reader Retail - hkey= - key= - C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenShotReader.exe (ABBYY Software Ltd)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: DeskUpdateNotifier - hkey= - key= - C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
MsConfig:64bit - StartUpReg: FILSHtray - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Vincent\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: MobileConnect - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
MsConfig:64bit - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Remote Control Editor - hkey= - key= - C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH)
MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: YouCam Mirror Tray icon - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/11/03 08:33:55 | 000,000,000 | ---D | C] -- C:\Users\Vincent\Desktop\126318-laptop-ploetzlich-langsam-geworden-post948325-Dateien
[2012/11/03 00:50:18 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\79859503.sys
[2012/11/01 23:53:05 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Vincent\Desktop\tdsskiller.exe
[2012/11/01 23:36:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vincent\Desktop\OTL.exe
[2012/10/04 22:32:56 | 000,000,000 | ---D | C] -- C:\Users\Vincent\Desktop\Bank
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/11/03 10:33:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000UA.job
[2012/11/03 10:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/03 09:43:50 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/03 09:43:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/03 08:39:42 | 000,142,943 | ---- | M] () -- C:\Users\Vincent\Desktop\126318-laptop-ploetzlich-langsam-geworden-post948325.html
[2012/11/03 08:15:07 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000Core.job
[2012/11/03 08:00:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/03 02:28:25 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/03 01:39:57 | 000,013,833 | ---- | M] () -- C:\Users\Vincent\Desktop\fatal.JPG
[2012/11/03 00:50:47 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\79859503.sys
[2012/11/02 00:10:26 | 000,082,214 | ---- | M] () -- C:\Users\Vincent\Desktop\forum-anleitung.JPG
[2012/11/01 23:53:23 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Vincent\Desktop\tdsskiller.exe
[2012/11/01 23:38:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vincent\Desktop\OTL.exe
[2012/11/01 23:38:07 | 000,000,000 | ---- | M] () -- C:\Users\Vincent\defogger_reenable
[2012/11/01 23:09:20 | 000,050,477 | ---- | M] () -- C:\Users\Vincent\Desktop\Defogger.exe
[2012/11/01 15:20:35 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/01 15:20:30 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/01 15:00:50 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/11/01 15:00:50 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/01 15:00:50 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/01 15:00:45 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/11/01 15:00:13 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/11/03 08:35:43 | 000,142,943 | ---- | C] () -- C:\Users\Vincent\Desktop\126318-laptop-ploetzlich-langsam-geworden-post948325.html
[2012/11/03 01:37:59 | 000,013,833 | ---- | C] () -- C:\Users\Vincent\Desktop\fatal.JPG
[2012/11/02 00:10:25 | 000,082,214 | ---- | C] () -- C:\Users\Vincent\Desktop\forum-anleitung.JPG
[2012/11/01 23:38:07 | 000,000,000 | ---- | C] () -- C:\Users\Vincent\defogger_reenable
[2012/11/01 23:04:57 | 000,050,477 | ---- | C] () -- C:\Users\Vincent\Desktop\Defogger.exe
[2012/09/16 19:53:35 | 000,010,045 | ---- | C] () -- C:\Users\Vincent\AppData\Local\recently-used.xbel
[2012/05/23 18:28:04 | 006,607,360 | ---- | C] () -- C:\Program Files\LuPO_NRW_SV.exe
[2012/03/03 20:13:33 | 000,006,656 | ---- | C] () -- C:\Users\Vincent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/20 00:00:48 | 000,007,606 | ---- | C] () -- C:\Users\Vincent\AppData\Local\Resmon.ResmonCfg
[2012/01/07 05:55:32 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/11/03 09:57:42 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/11/03 09:57:42 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/11/03 09:57:42 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/11/03 09:57:42 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/11/03 09:57:41 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/04/15 06:37:26 | 001,641,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/06/23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/05/23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/03/20 19:52:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\ACD Systems
[2012/09/14 21:40:50 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Ashampoo
[2012/01/08 22:28:23 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\AVG2012
[2012/01/26 21:59:37 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Babylon
[2012/02/05 20:07:54 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\DVDVideoSoft
[2012/02/05 20:07:14 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/12/25 20:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Fujitsu
[2012/07/18 07:35:48 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\gtk-2.0
[2012/01/26 23:06:01 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\HTC
[2012/02/06 23:26:38 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Music Liberator 10.5 Release 1.1
[2012/08/24 19:46:24 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\MyPhoneExplorer
[2012/02/20 12:51:46 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Need for Speed World
[2012/04/14 15:16:08 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Opera
[2012/09/16 18:50:01 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\PanoramaStudio2
[2012/01/22 12:30:19 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Remote PC Server
[2012/01/10 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\SoftGrid Client
[2012/05/07 09:18:17 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Sony
[2012/01/07 07:36:25 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Synaptics
[2012/09/11 15:23:33 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Teeworlds
[2012/06/24 09:06:20 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\TerraTec
[2012/01/08 16:36:51 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Thunderbird
[2011/12/25 23:44:51 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\TP
[2012/09/10 20:20:11 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Vodafone
[2012/01/31 21:42:43 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Windows Live Writer
[2012/02/19 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Windows SideBar
[2012/02/07 00:14:53 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\WindSolutions
[2012/09/15 12:27:29 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Zoner
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012/05/31 19:13:41 | 000,000,000 | -H-D | M] -- C:\$AVG
[2012/01/16 02:47:07 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011/02/11 15:33:09 | 000,000,000 | -HSD | M] -- C:\Boot
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011/11/03 09:56:51 | 000,000,000 | ---D | M] -- C:\Drivers
[2012/09/29 16:42:08 | 000,000,000 | -HSD | M] -- C:\found.000
[2011/12/25 20:18:41 | 000,000,000 | ---D | M] -- C:\Fujitsu
[2011/12/26 03:25:53 | 000,000,000 | ---D | M] -- C:\Intel
[2012/01/10 20:53:16 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012/09/30 14:35:36 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/09/30 14:46:51 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012/09/15 21:08:19 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011/02/11 15:39:58 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012/11/03 09:57:08 | 000,000,000 | ---D | M] -- C:\System Volume Information
[2012/09/14 19:16:52 | 000,000,000 | ---D | M] -- C:\Temp
[2011/12/25 20:13:51 | 000,000,000 | R--D | M] -- C:\Users
[2012/03/09 17:31:44 | 000,000,000 | ---D | M] -- C:\Vimeo
[2012/10/03 18:31:45 | 000,000,000 | ---D | M] -- C:\Windows
 
< %SYSTEMDRIVE%\*.* >
[2010/11/21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011/02/11 15:33:10 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/11/03 02:28:25 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/25 20:13:28 | 000,007,430 | ---- | M] () -- C:\lang.txt
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2012/11/03 02:28:20 | 4081,639,424 | -HS- | M] () -- C:\pagefile.sys
[2011/12/25 20:09:48 | 000,002,208 | ---- | M] () -- C:\RHDSetup.log
[2012/11/03 01:53:28 | 000,003,558 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_03.11.2012_00.50.16_log.txt
[2012/01/26 21:59:50 | 000,000,237 | ---- | M] () -- C:\user.js
 
< %PROGRAMFILES%\*.exe >
 
< %PROGRAMFILES(X86)%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %windir%\installer\*. /10 >
 
< %appdata%\*.  >
[2012/03/20 19:52:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\ACD Systems
[2012/01/18 21:50:07 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Adobe
[2012/05/07 07:32:42 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Apple Computer
[2012/09/14 21:40:50 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Ashampoo
[2012/01/08 22:28:23 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\AVG2012
[2012/01/26 21:59:37 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Babylon
[2011/12/25 20:27:17 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\CyberLink
[2012/07/20 08:01:58 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\dvdcss
[2012/02/05 20:07:54 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\DVDVideoSoft
[2012/02/05 20:07:14 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/12/25 20:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Fujitsu
[2012/07/18 07:35:48 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\gtk-2.0
[2012/01/26 23:06:01 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\HTC
[2011/12/25 20:21:17 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Identities
[2011/12/25 22:09:54 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Macromedia
[2010/11/21 08:16:58 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Media Center Programs
[2012/04/17 04:59:31 | 000,000,000 | --SD | M] -- C:\Users\Vincent\AppData\Roaming\Microsoft
[2011/12/25 22:02:36 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Mozilla
[2012/02/06 23:26:38 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Music Liberator 10.5 Release 1.1
[2012/08/24 19:46:24 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\MyPhoneExplorer
[2012/02/20 12:51:46 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Need for Speed World
[2012/04/14 15:16:08 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Opera
[2012/09/16 18:50:01 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\PanoramaStudio2
[2012/01/22 12:30:19 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Remote PC Server
[2012/09/29 09:56:09 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Skype
[2012/01/10 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\SoftGrid Client
[2012/05/07 09:18:17 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Sony
[2012/01/07 07:36:25 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Synaptics
[2012/09/11 15:23:33 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Teeworlds
[2012/06/24 09:06:20 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\TerraTec
[2012/01/08 16:36:51 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Thunderbird
[2011/12/25 23:44:51 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\TP
[2012/09/22 23:04:03 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\vlc
[2012/09/10 20:20:11 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Vodafone
[2012/01/31 21:42:43 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Windows Live Writer
[2012/02/19 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Windows SideBar
[2012/02/07 00:14:53 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\WindSolutions
[2012/09/15 12:27:29 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Zoner
 
< %appdata%\*.*  >
 
< %appdata%\*.exe /s >
[2012/01/18 21:57:04 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Vincent\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/01/09 18:48:25 | 001,082,680 | ---- | M] () -- C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTSDeskUpdate.exe
[2011/03/31 18:29:28 | 002,735,400 | ---- | M] (Synaptics Incorporated) -- C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynTPEnh.exe
 
< %localappdata%\*.  >
[2012/09/14 19:22:41 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\ABBYY
[2012/02/05 20:47:35 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Abelssoft
[2012/03/20 19:59:46 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\ACD Systems
[2012/01/18 21:50:06 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Adobe
[2011/12/25 20:13:51 | 000,000,000 | -HSD | M] -- C:\Users\Vincent\AppData\Local\Anwendungsdaten
[2011/12/26 01:28:54 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Apple
[2011/12/30 17:06:07 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Apple Computer
[2012/09/14 21:35:01 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\ashampoo
[2012/01/26 21:59:39 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Babylon
[2012/10/14 16:53:44 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\CrashDumps
[2012/02/06 01:20:33 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\CrashRpt
[2012/08/24 17:27:15 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\CUSTPDF Writer
[2011/12/25 20:26:56 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\CyberLink
[2012/11/03 04:09:48 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Diagnostics
[2012/05/07 07:32:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Downloaded Installations
[2012/02/19 20:16:33 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Electronic_Arts_Inc
[2012/11/03 04:09:48 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\ElevatedDiagnostics
[2012/09/16 18:36:00 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\fontconfig
[2012/09/16 18:35:58 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\gegl-0.2
[2012/09/15 12:26:07 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Google
[2012/09/16 20:11:40 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Innovative Solutions
[2012/06/16 17:30:13 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Macromedia
[2012/09/15 20:23:34 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Microsoft
[2012/04/12 18:08:11 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Microsoft Help
[2011/12/25 22:02:27 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Mozilla
[2012/04/14 15:16:08 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Opera
[2011/12/30 17:24:49 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\PackageAware
[2012/09/16 18:44:02 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Paint.NET
[2012/01/26 09:42:57 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\PDF24
[2012/09/10 20:19:50 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Programs
[2012/02/06 01:18:26 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\RapidSolution
[2011/12/25 23:44:46 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\SoftGrid Client
[2012/05/07 09:14:48 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Sony
[2012/11/03 10:35:18 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Temp
[2011/12/25 20:13:51 | 000,000,000 | -HSD | M] -- C:\Users\Vincent\AppData\Local\Temporary Internet Files
[2012/01/27 17:10:11 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Thunderbird
[2011/12/25 20:13:51 | 000,000,000 | -HSD | M] -- C:\Users\Vincent\AppData\Local\Verlauf
[2012/01/17 20:28:48 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\VirtualStore
[2012/04/19 00:51:47 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Windows Live
[2012/01/07 08:56:12 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Windows Live Writer
[2012/09/14 15:55:54 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\Zoner
[2012/03/20 13:26:34 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{0558CE5D-7DF7-4EC7-B65B-1EEE9DD3B733}
[2012/04/19 00:55:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{14AAD8A1-0137-41B4-97CE-112A4B125E0F}
[2012/04/18 22:28:24 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{1C20213A-F652-4E6F-8318-3C46AE3CDDAB}
[2011/12/28 18:06:00 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{234D422A-0115-490C-818E-E12FEABB57D7}
[2012/02/04 10:35:23 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{26E35703-C3D8-476A-A203-E503F2AE10C1}
[2012/02/04 10:35:13 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{358F4FF3-4BF3-4BC1-977E-0E4FC7E11286}
[2012/03/20 13:26:25 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{39E6C2DB-6CE1-4DE2-8307-91998A647A0F}
[2012/01/07 09:38:04 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{3C4941B5-C0DF-4C37-B83A-9E723F086ED7}
[2012/04/19 00:54:30 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{3F5D0D7A-53A4-4F12-9B9A-4A0471E6EDC5}
[2012/08/06 14:05:41 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{40318A0E-2742-4FE2-8ED6-88AA79843768}
[2012/01/31 21:39:38 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{43A1999F-9FFD-4260-A8D4-0766C41ED606}
[2012/02/24 16:19:21 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{4A516C56-B15A-4B77-990A-C84D7D54421C}
[2012/02/05 12:14:31 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{53FF4C9B-631B-49DE-8480-061C6E1CE42C}
[2012/08/22 23:02:13 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{56F87D58-F02F-403D-BBEA-B4F1F0D05F37}
[2012/02/02 20:59:40 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{59BB865D-282F-4153-B933-11B15D1BB216}
[2012/02/03 19:31:55 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{5A88A158-DC4D-49A4-B8DD-BDF5FC1CA97E}
[2012/01/11 20:36:12 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{60604835-8AE0-433F-924D-0C38B2CF7C33}
[2011/12/27 21:52:26 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{670D4D52-C428-4109-83A1-79ADDD26A261}
[2012/02/08 20:23:43 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{73D4DE1D-526E-47C4-A584-60EA2CBED061}
[2011/12/27 21:44:55 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{753E0ACD-651A-4E2E-AB5B-FE3FB2C50D91}
[2012/04/19 00:55:00 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{77385AFF-DA6C-4C54-A0D6-E17DAE92667D}
[2012/02/08 20:23:32 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{7E5FE671-3AB5-435A-A34A-7F736935609F}
[2012/02/02 20:59:51 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{800AB4D3-8B4E-4253-8223-9B10B1D4FD5B}
[2012/02/03 19:31:45 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{82AADD77-FBF5-41FB-B3FD-B3103B2AE7E2}
[2012/09/16 20:54:02 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{86F4CC6F-6464-4A1F-8232-7C26250121B6}
[2012/01/07 09:38:15 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{8C24A39C-7931-48C0-A006-1C2298DE3A85}
[2012/01/07 08:56:34 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{9370E490-A01F-4A01-AFB3-624742D4308A}
[2012/02/22 20:05:36 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{99A162DB-96CB-43D1-BCB7-673D5DFB7058}
[2012/02/01 19:43:47 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{9C0EA8AD-4A30-4BE1-9B21-8DE059B05307}
[2012/01/07 08:56:33 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{A0386D85-8D85-49EA-A8AE-961829EF7F70}
[2012/04/19 00:52:19 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{A598B9A5-54CC-4A5B-BA1E-12F4E9584FC1}
[2012/02/05 13:29:27 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{A874B693-9139-47BC-B6BB-CE99D62CFA81}
[2012/01/11 20:36:12 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{AA7A7DA6-05CB-4A96-B5FA-C290B87440B5}
[2012/02/05 00:14:17 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{B4B05CE3-E1F5-4F93-92A1-CA8E840B3676}
[2012/04/19 00:52:09 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{B6C07F63-D89B-4D73-A9DD-79DBF5836FB6}
[2012/01/08 20:16:28 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{BA39FF43-6FB9-422B-989C-C21232064472}
[2012/02/22 20:05:36 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{BAC5232B-6C01-4146-AB2F-DC2C53777FA2}
[2012/01/22 11:40:38 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{C29C53EC-F7D9-4B7A-B462-EB6B4CFE8792}
[2012/01/08 20:16:39 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{C46F3243-26E0-4FD9-95F5-45DD5BB3C541}
[2012/01/22 11:40:50 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{C7BF4215-C8F9-443C-B7DA-706C5A8DB623}
[2012/08/06 14:05:56 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{C7C70502-59D1-4A07-8BBA-34A2A16C9D92}
[2011/12/27 21:19:27 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{C90F1E95-7DAC-422D-80BA-7B8737E0EE5C}
[2012/02/24 16:19:31 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{CD042312-3AE6-4AF1-952E-9043ECC76383}
[2012/02/05 13:29:38 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{D50E0ACF-35C1-4C50-8FF7-8FAAF51B51DB}
[2012/09/10 20:18:42 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{D53238E8-3427-491E-A57E-097FA966AAC1}
[2012/01/31 21:39:27 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{D7A6B357-EE5F-4C3D-8B70-673DA74C9150}
[2012/02/20 12:25:04 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{DE5DA50E-4EC1-4957-9F34-A5150681F0B2}
[2012/02/05 00:14:28 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Local\{FBB913BC-E638-4AC9-B4B2-C8D60108FC10}
 
< %localappdata%\*.* >
[2012/03/03 20:15:30 | 000,006,656 | ---- | M] () -- C:\Users\Vincent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/11 18:54:44 | 000,067,872 | ---- | M] () -- C:\Users\Vincent\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/11/03 02:01:33 | 001,514,355 | -H-- | M] () -- C:\Users\Vincent\AppData\Local\IconCache.db
[2012/09/16 19:53:35 | 000,010,045 | ---- | M] () -- C:\Users\Vincent\AppData\Local\recently-used.xbel
[2012/10/03 14:42:55 | 000,007,606 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Resmon.ResmonCfg
 
< %localappdata%\*.exe /s >
[2011/12/01 16:49:13 | 001,789,040 | ---- | M] (Babylon Ltd.) -- C:\Users\Vincent\AppData\Local\Babylon\Setup\Setup.exe
[2012/10/10 11:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
[2012/08/30 03:57:20 | 000,081,432 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\chrome_frame_helper.exe
[2012/08/30 03:57:21 | 000,084,504 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\chrome_launcher.exe
[2012/08/30 03:57:23 | 000,200,216 | ---- | M] (TODO: <Company name>) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\delegate_execute.exe
[2012/08/30 02:50:45 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\flashplayerapp.exe
[2012/08/30 03:58:39 | 000,914,968 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\nacl64.exe
[2012/09/12 08:02:23 | 001,541,144 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\Installer\setup.exe
[2012/09/25 10:41:32 | 000,081,432 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.79\chrome_frame_helper.exe
[2012/09/25 10:41:34 | 000,084,504 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.79\chrome_launcher.exe
[2012/09/25 10:41:35 | 000,219,672 | ---- | M] (TODO: <Company name>) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.79\delegate_execute.exe
[2012/09/25 10:42:52 | 000,986,136 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.79\nacl64.exe
[2012/09/27 20:33:54 | 001,578,520 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.79\Installer\setup.exe
[2012/10/10 11:04:50 | 000,081,432 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\chrome_frame_helper.exe
[2012/10/10 11:04:51 | 000,084,504 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\chrome_launcher.exe
[2012/10/10 11:04:52 | 000,219,672 | ---- | M] (TODO: <Company name>) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\delegate_execute.exe
[2012/10/10 11:06:09 | 000,986,136 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\nacl64.exe
[2012/10/14 10:46:49 | 001,578,520 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\Installer\setup.exe
[2012/07/18 07:12:41 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\GoogleUpdate.exe
[2012/09/17 06:28:41 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
[2012/09/17 06:28:41 | 000,279,504 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
[2012/09/17 06:28:41 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
[2012/09/17 06:28:41 | 000,059,344 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
[2012/09/17 06:28:41 | 000,059,344 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
[2012/08/22 22:34:00 | 000,763,232 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
[2012/08/22 22:34:00 | 000,763,232 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123\GoogleUpdateSetup.exe
[2012/10/10 16:31:00 | 001,204,136 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\22.0.1229.94\22.0.1229.94_22.0.1229.79_chrome_updater.exe
[2012/04/18 22:28:49 | 001,287,528 | ---- | M] (Microsoft Corporation) -- C:\Users\Vincent\AppData\Local\Microsoft\Windows Live\Installer\Catalog\wlsetup.exe
[2012/02/19 20:17:36 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Users\Vincent\AppData\Local\Microsoft\Windows Sidebar\Gadgets\alarmClock.gadget\Sibbl.Gadget.AlarmClock.AlertApp.exe
[2012/02/19 20:17:25 | 000,020,480 | ---- | M] (Microsoft) -- C:\Users\Vincent\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GermanyRain.gadget\RegisterHost.exe
[2012/02/19 20:17:16 | 000,032,768 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Q_driveinfo_1_2.gadget\CDR.exe
[2012/02/19 20:17:15 | 000,065,536 | ---- | M] (Uwe Sieber - www.uwe-sieber.de) -- C:\Users\Vincent\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Q_driveinfo_1_2.gadget\rd.exe
[2012/08/21 10:46:19 | 001,262,924 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQXL7HNK\MyPhoneExplorer_v2_5185[1].exe
[153 C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQXL7HNK\*.tmp files -> C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQXL7HNK\*.tmp -> ]
[2012/09/15 21:04:19 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6WAZON7\SetupAdmin[1].exe
[115 C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6WAZON7\*.tmp files -> C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6WAZON7\*.tmp -> ]
[2011/12/25 20:58:32 | 015,134,848 | ---- | M] (Mozilla) -- C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\96L6T4Q9\Firefox%20Setup%209.0.1[1].exe
[2012/08/22 22:34:00 | 000,763,232 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Temp\GoogleUpdateSetup.exe1e329d7
[2012/10/02 23:12:45 | 067,176,016 | ---- | M] (Microsoft Corporation) -- C:\Users\Vincent\AppData\Local\Temp\mpam-c42fae57.exe
[2009/10/07 09:37:48 | 000,667,485 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\setup.exe
[321 C:\Users\Vincent\AppData\Local\Temp\*.tmp files -> C:\Users\Vincent\AppData\Local\Temp\*.tmp -> ]
[2012/04/14 10:43:23 | 001,207,296 | ---- | M] (Google) -- C:\Users\Vincent\AppData\Local\Temp\._msige61\GoogleEarth.exe
[2012/04/05 02:01:28 | 000,050,688 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
[2012/04/14 10:22:15 | 000,071,680 | ---- | M] (Google) -- C:\Users\Vincent\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe
[2012/03/12 10:43:03 | 000,293,888 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
[2012/04/14 10:22:15 | 000,071,680 | ---- | M] (Google) -- C:\Users\Vincent\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
[2012/01/09 18:51:52 | 000,117,560 | ---- | M] (Acresso Software Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{166F6C55-4391-4B83-826E-6E286269CB0B}\ISBEW64.exe
[2012/01/18 21:57:01 | 015,160,720 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{228F068E-3A8D-45FB-9001-00C969162E5C}\{06C3E79F-FB43-405B-9BA8-DF726B4C18EC}\AdobeAIRInstaller.exe
[2012/01/18 21:57:11 | 014,132,192 | ---- | M] (HTC Corporation                                              ) -- C:\Users\Vincent\AppData\Local\Temp\{228F068E-3A8D-45FB-9001-00C969162E5C}\{26ECEF94-14F8-461F-97D6-11DCE98CEDD4}\HTCDriver.exe
[2012/09/15 12:43:17 | 000,117,560 | ---- | M] (Acresso Software Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{A9C8FF76-9801-4429-BB75-F7F65762CAD4}\ISBEW64.exe
[2012/07/18 07:12:41 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{D05B88EB-53B5-4AF8-94A7-638CD8B0CDF7}\GoogleCrashHandler.exe
[2012/07/18 07:12:41 | 000,244,176 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{D05B88EB-53B5-4AF8-94A7-638CD8B0CDF7}\GoogleCrashHandler64.exe
[2012/07/18 07:12:41 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{D05B88EB-53B5-4AF8-94A7-638CD8B0CDF7}\GoogleUpdate.exe
[2012/07/18 07:12:41 | 000,059,344 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{D05B88EB-53B5-4AF8-94A7-638CD8B0CDF7}\GoogleUpdateBroker.exe
[2012/07/18 07:12:41 | 000,059,344 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{D05B88EB-53B5-4AF8-94A7-638CD8B0CDF7}\GoogleUpdateOnDemand.exe
[2012/06/05 23:57:00 | 000,746,336 | ---- | M] (Google Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{D05B88EB-53B5-4AF8-94A7-638CD8B0CDF7}\GoogleUpdateSetup.exe
[2012/01/09 18:51:23 | 000,117,560 | ---- | M] (Acresso Software Inc.) -- C:\Users\Vincent\AppData\Local\Temp\{D9805C26-7450-4B39-8F2B-430810EAA27C}\ISBEW64.exe
[2012/04/10 21:22:56 | 008,738,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Vincent\AppData\Local\Temp\2617.dir\InstallFlashPlayer.exe
[2012/03/20 19:22:19 | 000,584,072 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\30203883.Uninstall\Uninstall.exe
[2011/11/27 13:49:44 | 001,362,728 | ---- | M] (BabylonToolbar) -- C:\Users\Vincent\AppData\Local\Temp\770A9343-BAB0-7891-BFEF-DEF75B19080A\MyBabylonTB.exe
[2011/12/01 16:49:13 | 001,789,040 | ---- | M] (Babylon Ltd.) -- C:\Users\Vincent\AppData\Local\Temp\770A9343-BAB0-7891-BFEF-DEF75B19080A\Setup.exe
[2012/01/22 14:37:30 | 008,197,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\846E.dir\InstallFlashPlayer.exe
[2012/09/14 21:39:30 | 151,225,144 | ---- | M] (Ashampoo GmbH & Co. KG                                      ) -- C:\Users\Vincent\AppData\Local\Temp\ainetB714607F\ashampoo_photo_commander_10_10.1.3_10509.exe
[2012/01/23 13:11:52 | 000,949,104 | ---- | M] (Opera Software) -- C:\Users\Vincent\AppData\Local\Temp\CProgram Files (x86)Opera\opera.exe
[2012/02/22 16:22:07 | 000,949,104 | ---- | M] (Opera Software) -- C:\Users\Vincent\AppData\Local\Temp\CProgram Files (x86)Opera\OperaUpgrader.exe
[2012/02/22 16:22:07 | 010,625,624 | ---- | M] (Opera Software ASA) -- C:\Users\Vincent\AppData\Local\Temp\CProgram Files (x86)Opera\Opera_11.61_int_Setup.exe
[2012/01/23 09:55:28 | 000,018,944 | ---- | M] (Opera Software) -- C:\Users\Vincent\AppData\Local\Temp\CProgram Files (x86)Opera\program\netscape.exe
[2012/06/03 13:33:24 | 010,620,872 | ---- | M] (Opera Software ASA) -- C:\Users\Vincent\AppData\Local\Temp\CUsersVincentAppDataLocalTempCProgram Files (x86)Opera\Opera-11.64-1403.i386.autoupdate.exe
[2012/05/04 17:13:29 | 000,949,104 | ---- | M] (Opera Software) -- C:\Users\Vincent\AppData\Local\Temp\CUsersVincentAppDataLocalTempCProgram Files (x86)Opera\opera.exe
[2012/06/03 13:33:24 | 000,949,104 | ---- | M] (Opera Software) -- C:\Users\Vincent\AppData\Local\Temp\CUsersVincentAppDataLocalTempCProgram Files (x86)Opera\OperaUpgrader.exe
[2012/05/04 11:55:10 | 000,018,944 | ---- | M] (Opera Software) -- C:\Users\Vincent\AppData\Local\Temp\CUsersVincentAppDataLocalTempCProgram Files (x86)Opera\program\netscape.exe
[2012/01/22 14:36:47 | 008,197,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\DE8F.dir\InstallFlashPlayer.exe
[2011/11/10 12:34:40 | 000,623,384 | ---- | M] (Fujitsu Technology Solutions) -- C:\Users\Vincent\AppData\Local\Temp\DeskUpdate\DeskUpdate.exe
[2011/11/10 12:34:40 | 000,365,848 | ---- | M] (Fujitsu Technology Solutions) -- C:\Users\Vincent\AppData\Local\Temp\DeskUpdate\ducmd.exe
[2011/11/10 12:34:40 | 000,075,544 | ---- | M] (Microsoft Corporation) -- C:\Users\Vincent\AppData\Local\Temp\DeskUpdate\infinst64.exe
[2012/01/22 18:53:11 | 001,255,464 | ---- | M] (Fujitsu Technology Solutions                                ) -- C:\Users\Vincent\AppData\Local\Temp\DeskUpdate2d587e59\ftsdeskupdatesetup.exe
[2012/09/15 09:49:07 | 001,998,648 | ---- | M] (Fujitsu Technology Solutions                                ) -- C:\Users\Vincent\AppData\Local\Temp\DeskUpdate7b7e3374\ftsdeskupdatesetup.exe
[2012/05/09 16:33:20 | 000,506,056 | ---- | M] (DealPly) -- C:\Users\Vincent\AppData\Local\Temp\is1373634743\dp.exe
[2012/03/22 08:39:42 | 001,418,152 | ---- | M] (Alactro LLC) -- C:\Users\Vincent\AppData\Local\Temp\is1373634743\ezLookerSilent_DDD_FTT_BG_BD_BVD.exe
[2012/08/15 13:41:36 | 000,899,224 | ---- | M] (Babylon Ltd.) -- C:\Users\Vincent\AppData\Local\Temp\is1373634743\MyBabylonTB.exe
[2012/03/16 15:49:30 | 000,197,120 | ---- | M] (Setup ©                       ) -- C:\Users\Vincent\AppData\Local\Temp\is1373634743\PKExecuter.exe
[2012/09/06 22:34:59 | 000,270,304 | ---- | M] (Mozilla Foundation) -- C:\Users\Vincent\AppData\Local\Temp\MozUpdater\updater.exe
[2012/02/23 20:37:45 | 000,019,968 | ---- | M] (1am Studios) -- C:\Users\Vincent\AppData\Local\Temp\SharePodLib\bin\SharePodHelper.exe
[2012/02/20 10:55:13 | 000,459,568 | ---- | M] (SweetIM Technologies, Ltd.) -- C:\Users\Vincent\AppData\Local\Temp\SweetIMReinstall\SweetImSetup.exe
[2011/04/07 20:58:14 | 004,669,288 | ---- | M] (Bullzip                                                     ) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_BullzipPDFPrinter_7_2_0_1304.zip\BullzipPDFPrinter_7_2_0_1304.exe
[2012/01/20 18:36:02 | 007,745,728 | ---- | M] (WindSolutions) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_CopyTransDEv4.821.zip\CopyTrans.exe
[2012/01/09 18:51:19 | 003,973,184 | ---- | M] (FUJITSU LIMITED                                              ) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_FTS_FujitsuHotkeyUtility_3601_1042670.zip\Fujitsu_HotkeyUtility_3.60.1.0\setup.exe
[2011/10/07 16:06:24 | 003,756,544 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\Temp1_paint.net.3.5.10.zip\Paint.NET.3.5.10.Install.exe
[2008/01/18 11:30:56 | 000,142,336 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x64\InstNT.exe
[2006/02/07 09:34:46 | 000,174,080 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x64\setup.exe
[2008/01/18 10:54:30 | 000,156,160 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x64\SynAcer.exe
[2008/01/18 10:53:04 | 000,233,472 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x64\SynMood.exe
[2008/01/18 11:04:56 | 001,214,976 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x64\SynTPEnh.exe
[2008/01/18 10:53:56 | 000,241,664 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x64\SynZMetr.exe
[2008/01/18 11:10:36 | 000,327,680 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x64\Tutorial.exe
[2008/01/18 11:30:50 | 000,118,784 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x86\InstNT.exe
[2006/02/07 09:34:46 | 000,174,080 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x86\setup.exe
[2008/01/18 10:54:26 | 000,139,264 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x86\SynAcer.exe
[2008/01/18 10:53:04 | 000,233,472 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x86\SynMood.exe
[2008/01/18 11:04:08 | 001,028,096 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x86\SynTPEnh.exe
[2008/01/18 10:53:56 | 000,241,664 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x86\SynZMetr.exe
[2008/01/18 11:10:36 | 000,327,680 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinNT5\x86\Tutorial.exe
[2006/10/12 17:25:02 | 000,929,248 | ---- | M] (Microsoft Corporation) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\dpinst.exe
[2008/01/18 11:31:30 | 000,147,752 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\InstNT.exe
[2008/01/18 11:31:28 | 000,161,064 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\setup.exe
[2008/01/18 10:54:30 | 000,156,160 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\SynAcer.exe
[2008/01/18 10:53:04 | 000,233,472 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\SynMood.exe
[2008/01/18 11:31:28 | 001,220,392 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\SynTPEnh.exe
[2008/01/18 11:31:32 | 000,119,080 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\SynTPHelper.exe
[2008/01/18 10:53:56 | 000,241,664 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\SynZMetr.exe
[2008/01/18 11:10:36 | 000,327,680 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x64\Tutorial.exe
[2006/10/12 17:25:02 | 000,794,080 | ---- | M] (Microsoft Corporation) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\dpinst.exe
[2008/01/18 11:31:24 | 000,124,200 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\InstNT.exe
[2008/01/18 11:31:22 | 000,161,064 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\setup.exe
[2008/01/18 10:54:26 | 000,139,264 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\SynAcer.exe
[2008/01/18 10:53:04 | 000,233,472 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\SynMood.exe
[2008/01/18 11:31:22 | 001,033,512 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\SynTPEnh.exe
[2008/01/18 11:31:32 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\SynTPHelper.exe
[2008/01/18 10:53:56 | 000,241,664 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\SynZMetr.exe
[2008/01/18 11:10:36 | 000,327,680 | ---- | M] (Synaptics, Inc.) -- C:\Users\Vincent\AppData\Local\Temp\Temp1_Touchpad_Synaptics_v10.2.4_Vistax32x64_XPx32x64_modded_build2.zip\WinWDF\x86\Tutorial.exe
[2008/12/28 17:47:48 | 016,410,637 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\Temp1_yam-win_1.8.zip\YamiPod.exe
[2008/12/28 17:47:48 | 016,410,637 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\Temp2_yam-win_1.8.zip\YamiPod.exe
[2011/07/16 13:55:30 | 021,073,936 | ---- | M] () -- C:\Users\Vincent\AppData\Local\Temp\VideoLAN\vlc-1.1.11-win32.exe
 
< %allusersprofile%\*.  >
[2012/09/15 21:09:05 | 000,000,000 | ---D | M] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/09/14 19:21:03 | 000,000,000 | ---D | M] -- C:\ProgramData\ABBYY
[2012/03/21 12:46:24 | 000,000,000 | ---D | M] -- C:\ProgramData\ACD Systems
[2012/08/24 20:21:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2011/12/26 01:28:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2012/01/22 19:21:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/09/14 21:35:01 | 000,000,000 | ---D | M] -- C:\ProgramData\ashampoo
[2012/01/08 22:29:00 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2012
[2012/01/26 21:59:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2012/01/08 22:19:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2011/12/26 00:40:53 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2012/01/08 17:13:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Easy Driver Pro
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/01/09 03:18:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Fujitsu
[2011/12/25 21:11:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2012/09/10 20:20:09 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallShield
[2012/10/03 18:19:01 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2012/01/16 02:07:00 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2012/10/15 17:27:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2012/05/07 08:57:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2011/12/25 22:36:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2011/12/25 20:19:25 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2011/12/25 22:36:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Partner
[2012/02/06 01:20:07 | 000,000,000 | ---D | M] -- C:\ProgramData\RapidSolution
[2012/09/11 15:31:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2012/05/07 07:33:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Sony Corporation
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/01/22 12:28:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2012/01/07 07:42:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Synaptics
[2012/08/24 18:58:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Tarma Installer
[2012/01/22 14:38:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/06/21 20:13:45 | 000,000,000 | ---D | M] -- C:\ProgramData\TerraTec
[2012/07/22 21:58:05 | 000,000,000 | ---D | M] -- C:\ProgramData\TrackMania
[2011/12/26 03:28:05 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications
[2012/09/10 20:19:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Vodafone
[2012/02/07 00:10:49 | 000,000,000 | ---D | M] -- C:\ProgramData\WindSolutions
[2011/12/26 01:31:53 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
 
< %allusersprofile%\*.* >
[2008/05/23 16:48:50 | 000,020,270 | ---- | M] () -- C:\ProgramData\DeviceInstaller.xml
[2008/06/23 12:02:02 | 000,097,410 | R--- | M] () -- C:\ProgramData\DeviceManager.xml.rc4
 
< %allusersprofile%\*.exe /s >
[2012/08/21 12:01:28 | 001,977,816 | ---- | M] (GEAR Software, Inc.) -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe
[2012/08/21 12:01:20 | 000,131,544 | ---- | M] (GEAR Software, Inc.) -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Reader\9.4\ARM\5513\AcrobatUpdater.exe
[2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Reader\9.4\ARM\5513\AdobeARM.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Reader\9.4\ARM\5513\AdobeARMHelper.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Reader\9.4\ARM\5513\ReaderUpdater.exe
[2012/01/03 18:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-A95000000001}\Setup.exe
[2012/01/03 18:44:25 | 000,342,984 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AA1000000001}\setup.exe
[2012/09/15 21:04:19 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\ProgramData\Apple Computer\Installer Cache\iTunes 10.7.0.21\SetupAdmin.exe
[2011/12/26 03:42:57 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\ProgramData\Apple Computer\Installer Cache\Safari 5.34.52.7\SetupAdmin.exe
[2012/03/08 17:18:22 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\ProgramData\Apple Computer\Installer Cache\Safari 5.34.54.16\SetupAdmin.exe
[2012/04/10 20:53:32 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\ProgramData\Apple Computer\Installer Cache\Safari 5.34.55.3\SetupAdmin.exe
[2012/07/04 06:10:27 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\ProgramData\Apple Computer\Installer Cache\Safari 5.34.57.2\SetupAdmin.exe
[2009/10/09 13:51:22 | 003,973,184 | ---- | M] (FUJITSU LIMITED                                              ) -- C:\ProgramData\Fujitsu\DeskUpdate\1042670\setup.exe
[2009/12/24 12:46:40 | 016,024,872 | ---- | M] (CSR Plc.                                                     ) -- C:\ProgramData\Fujitsu\DeskUpdate\1046746\setup.exe
[2010/06/23 17:20:32 | 000,283,024 | ---- | M] (FUJITSU LIMITED) -- C:\ProgramData\Fujitsu\DeskUpdate\1052689\Setup.exe
[2012/01/09 03:19:26 | 003,715,072 | ---- | M] () -- C:\ProgramData\Fujitsu\DeskUpdate\download\files\1042670_fujitsu_3_60_1.exe
[2012/01/09 03:19:55 | 015,872,000 | ---- | M] () -- C:\ProgramData\Fujitsu\DeskUpdate\download\files\1046746_csr_5_0_14.exe
[2012/01/09 03:19:42 | 019,275,776 | ---- | M] () -- C:\ProgramData\Fujitsu\DeskUpdate\download\files\1052689_fujitsu_5_3_0_1.exe
[2010/03/12 04:50:30 | 001,100,664 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\setup.exe
[2010/03/24 01:51:52 | 000,838,536 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.de-de\DW20.EXE
[2010/03/24 01:51:58 | 000,519,584 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.de-de\dwtrig20.exe
[2010/03/16 10:34:53 | 000,149,352 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe
[2010/02/28 10:33:12 | 005,336,456 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\OStarter\de-de\Office.exe
[2010/03/31 02:20:14 | 001,629,584 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\OStarter\de-de\SetupConsumerC2R.exe
[2010/03/31 02:20:14 | 001,629,584 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\OStarter\de-de\SetupConsumerC2ROLW.exe
[2011/11/16 00:16:48 | 005,590,528 | ---- | M] (Jeffrey Harris) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePod.exe
[2011/03/11 04:29:12 | 000,227,984 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Setup.exe
[2011/12/25 20:09:51 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
 
<           >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,031,622 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/19 21:52:04 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/05/17 17:32:45 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/05/17 17:32:45 | 000,001,112 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/09/12 07:55:31 | 000,001,076 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000Core.job
[2012/09/12 07:55:31 | 000,001,128 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000UA.job
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:DBC416F8

< End of report >
         

ja sry für das durcheinander, habe das erste ausversehen im alten beitrag eingefügt als edit und das andere 2 mal gepostet... jetzt müsste es stimmen (?)

Morgen! Du hast mir zweimal die OTL.txt gepostet. Ich bräuchte noch die extras.txt bevor es losgeht.

[QUOTE=VHSK;949744]ja sry für das durcheinander, habe das erste ausversehen im alten beitrag eingefügt als edit und das andere 2 mal gepostet... jetzt müsste es stimmen (?)

Alles klar, dann noch tdsskiller-log und dann gehts los

keine datei ausgeworfen
laptop ist iwie wieder normal schnell im moment