| |
| |||||||
Log-Analyse und Auswertung: Google Suchergebnisse - leitet beim Klick auf das Suchergebnis umWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.11.2012, 04:11
| #1 |
| |  Google Suchergebnisse - leitet beim Klick auf das Suchergebnis um Ein herzliches Hallo zusammen, mein Problem ist folgendes. Habe einen PC (Windows 7 32bit) beim dem man wenn man auf Google zB. Aldi eingibt dann beim anklicken der Suchergebnisse entweder auf Porno-seiten oder Verkaufs-seiten kommt. Kaspersky und Malewarebytest haben nichts gefunden. Dazu ist auch noch der Windows Sicherheitscenter deaktiviert. Ich habe den Dienst schon auf "Starten" gesetzt gehabt aber kurz danach ist er wieder deaktiviert. Hier erstmal CCleaner Logfile Code:
ATTFilter ABACUS Arag IT GmbH 02.11.2012
Adobe AIR Adobe Systems Incorporated 02.11.2012 3.2.0.2070
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 02.11.2012 6,00MB 11.4.402.287
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 02.11.2012 6,00MB 11.4.402.287
Adobe Reader X (10.1.4) - Deutsch Adobe Systems Incorporated 16.08.2012 124MB 10.1.4
AIDA64 Extreme Edition v1.20 FinalWire Ltd. 09.02.2011 20,1MB 1.20
Angebots Msi Canada Life Assurance (Irl) Ltd 13.09.2011 133MB 14.0.00
AOWin2010 02.11.2012
AOWin2010 09.02.2011
Apple Application Support Apple Inc. 17.09.2012 64,4MB 2.2.2
Apple Mobile Device Support Apple Inc. 17.09.2012 23,1MB 6.0.0.59
Apple Software Update Apple Inc. 21.07.2011 2,38MB 2.1.3.127
AquaSoft PhotoKalender 3 AquaSoft 02.11.2012 3.6.03
ASC Easy 3.9.3 ASC GmbH 03.08.2011 207MB
ASC Easy Update auf Version 4.5.0 ASC Assekuranz Service Center GmbH 09.10.2012 70,6MB
AXA Beratungstechnologie AXA Konzern AG 04.07.2012 196MB 12.1.0
BB-Euro-Tarifrechner 02.11.2012 1.0
Beratungsprogramme W&W-Konzern 02.11.2012
Bonjour Apple Inc. 12.10.2011 1,04MB 3.0.0.10
Brother P-touch Address Book 1.1 Brother Industries, Ltd. 05.06.2012 11,7MB 1.1.100
Brother P-touch Editor 5.0 Brother Industries, Ltd. 05.06.2012 22,3MB 5.0.110
CardMinder PFU 20.07.2011 V4.1L10
CCleaner Piriform 24.10.2012 3.24
CleverPrint Abelssoft GmbH 27.07.2011 2.00
CodedColor FotoStudio 2010, 6.1.2 1STEIN 02.12.2011 76,0MB
CONDOR Angebotssystem Condor Versicherungsgruppe 02.11.2012 09/2012
Data Access Objects (DAO) 3.5 02.11.2012
DB_Firebird 1.5.0.4306 02.11.2012
DHTML Editing Component Microsoft Corporation 01.04.2011 554KB 6.02.0001
Dialog Tarifprogramm Dialog Lebensversicherungs-AG 06.12.2011 216MB 1.26.0008
Dir-It! Wirth New Media Sarl 31.03.2011 630KB 4.00.0000
Direkt Foto System 3.x 04.11.2011 270MB
ELBE SL SLP 02.11.2012 1.22.0.357 13.06.2012
ElektrALight DKV ein Unternehmen der ERGO Versicherungsgruppe 06.09.2012 32,5MB 12.10
Firebird SQL Server - MAGIX Edition MAGIX AG 23.01.2012 10,1MB 2.1.27.0
FUJIFILM MyFinePix Studio 2.0 15.08.2011
Fujitsu NetCOBOL Free Run-time FUJITSU LIMITED 05.09.2012 7,71MB 9.0.0020.0000
Garmin Communicator Plugin Garmin Ltd or its subsidiaries 25.09.2012 14,6MB 4.0.3
Geldgeschenke DruckShop 02.11.2012
Generali Versicherungen Beratungssoftware 02.11.2012
GEWA KV-Rational 02.11.2012
GEWA KVRATIO 02.11.2012
Google Chrome Google Inc. 06.07.2012 22.0.1229.94
Google Earth Google 21.11.2011 92,7MB 6.1.0.5001
Gothaer Softwarepaket, komplette Deinstallation 02.11.2012
HanseMerkur ISA Makler HanseMerkur Krankenversicherung AG 02.11.2012 1.5.0
HanseMerkur ISA Service Extensions Hanse Merkur 14.05.2012 7,28MB 1.1.4
HanseMerkur-Tarife 02.11.2012
Hardcopy (C:\Program Files\Hardcopy) www.hardcopy.de 02.11.2012 2011.07.02
Helvetia Porta Helvetia Versicherungen Deutschland 02.11.2012
HP Product Detection Hewlett-Packard Company 20.07.2011 1,90MB 10.7.9.0
iCloud Apple Inc. 08.10.2012 47,4MB 2.0.2.187
InterRisk WinRisk 4.9.0 InterRisk Versicherungs-AG Vienna Insurance Group, InterRisk Lebensversicherungs-AG Vienna Insurance Group 28.10.2011 406MB 4.9.246.0
IrfanView (remove only) Irfan Skiljan 02.11.2012 1,50MB 4.30
iTunes Apple Inc. 17.09.2012 180MB 10.7.0.21
Janitos Offline-Tarifrechner 3.2.4.0 Fairware24 23.12.2011
Java 2 Runtime Environment, SE v1.4.2_10 Sun Microsystems, Inc. 11.08.2011 131MB 1.4.2_10
Java 7 Update 9 Oracle 31.08.2012 128MB 7.0.90
Kaspersky Anti-Virus 2013 Kaspersky Lab 02.11.2012 13.0.1.4190
klickTel Telefon- und Branchenbuch + Rückwärtssuche Herbst 2010 telegate MEDIA AG 09.02.2011 1.00.0000
klickTel Telefon- und Branchenbuch + Rückwärtssuche Herbst 2011 telegate MEDIA AG 29.07.2011 1.00.0000
KS-Win 2008 Kraftfahrerschutz e.V. 02.11.2012 1.4.42
KUBUS light ERGO ITERGO 05.04.2012 2,27GB 12.10
LAN-Fax Dienstprogramme 02.11.2012
MAGIX 3D Maker (embedded MSI) MAGIX AG 23.01.2012 19,8MB 6.0.0.8
MAGIX Foto Premium 9 MAGIX AG 02.11.2012 9.0.3.2
MAGIX Online Druck Service MAGIX AG 23.01.2012 10,2MB 3.4.3.0
MAGIX Screenshare MAGIX AG 23.01.2012 1,43MB 4.3.6.1987
MAGIX Speed 2 (MSI) MAGIX AG 23.01.2012 57,9MB 6.0.1.4
MAGIX Xtreme Grafik Designer 5 MAGIX AG 02.11.2012 5.1.2.10977
MailStore Home 5.0.1.6919 deepinvent Software GmbH 24.01.2012 24,1MB 5.0.1.6919
Maitre Swiss Life Partner 02.11.2012 1.14.0.180
MEAG-Angebotssoftware MEAG 05.04.2012 22,5MB 1.79.4
Microsoft .NET Framework 1.1 02.11.2012
Microsoft .NET Framework 1.1 German Language Pack 02.11.2012
Microsoft .NET Framework 4 Client Profile 09.02.2011 220MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 02.11.2012 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack 09.02.2011
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 02.11.2012 2,93MB 4.0.30319
Microsoft .NET Framework 4 Extended 09.02.2011 94,8MB
Microsoft .NET Framework 4 Extended Microsoft Corporation 02.11.2012 51,9MB 4.0.30319
Microsoft Access 2000 SR-1 Runtime Microsoft Corporation 03.08.2011 44,8MB 9.00.3821
Microsoft Dynamics CRM 2011 für Microsoft Office Outlook Microsoft Corporation 02.11.2012 5.0.9690.2243
Microsoft IntelliType Pro 8.2 Microsoft Corporation 02.11.2012 8.20.469.0
Microsoft LifeCam Microsoft Corporation 09.02.2011 49,9MB 3.22.270.0
Microsoft Office File Validation Add-In Microsoft Corporation 16.09.2011 7,95MB 14.0.5130.5003
Microsoft Office Live Add-in 1.5 Microsoft Corporation 02.05.2012 508KB 2.0.4024.1
Microsoft Office Outlook Connector Microsoft Corporation 01.09.2011 3,36MB 14.0.5118.5000
Microsoft Office Professional Plus 2007 Microsoft Corporation 02.11.2012 12.0.6612.1000
Microsoft Online Services-Anmeldeassistent Microsoft Corporation 30.05.2012 3,63MB 7.250.4287.0
Microsoft ReportViewer 2010 Redistributable Microsoft Corporation 29.05.2012 12,4MB 10.0.30319
Microsoft Silverlight Microsoft Corporation 15.05.2012 142MB 5.1.10411.0
Microsoft SQL Server 2005 Microsoft Corporation 02.11.2012
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 01.09.2011 1,69MB 3.1.0000
Microsoft SQL Server 2008 Microsoft Corporation 02.11.2012
Microsoft SQL Server 2008 Browser Microsoft Corporation 31.10.2012 8,03MB 10.3.5500.0
Microsoft SQL Server 2008 Native Client Microsoft Corporation 31.10.2012 3,27MB 10.3.5500.0
Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 29.05.2012 3,69MB 3.5.8082.0
Microsoft SQL Server Native Client Microsoft Corporation 10.04.2012 2,60MB 9.00.5000.00
Microsoft SQL Server Setup Support Files (English) Microsoft Corporation 10.04.2012 24,5MB 9.00.5000.00
Microsoft SQL Server VSS Writer Microsoft Corporation 31.10.2012 2,18MB 10.3.5500.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 17.06.2011 252KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 12.07.2011 300KB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 28.10.2011 234KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 27.09.2011 238KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 31.05.2011 596KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 12.07.2011 600KB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 31.10.2012 11,0MB 10.0.30319
Microsoft Windows Media Video 9 VCM 02.11.2012
Microsoft Works 6-9 Converter Microsoft Corporation 13.04.2012 4,56MB 14.0.6120.5002
Microsoft XML Parser 19.07.2011 66,0KB 1.00.0000
MKVWin 12-1 10.10.2011 MKVWin 12-1
MobileMe Control Panel Apple Inc. 24.10.2011 12,9MB 3.1.8.0
MotoHelper 2.1.32 Driver 5.4.0 Motorola 02.11.2012 2.1.32
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 20.07.2011 35,0KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 20.07.2011 1,33MB 4.20.9876.0
MV-Makler-und-ADP 02.11.2012
myphotobook.de myphotobook GmbH 02.11.2012 1.3.0
MÜNCHENER VEREIN Software-Service 02.11.2012
Nero Burning ROM 10 Nero AG 13.09.2011 168MB 10.6.10600
Nero BurnRights 10 Nero AG 13.09.2011 6,14MB 4.4.10300.1.100
Outlook Backup Assistant 5 (Vollversion) Priotecs IT GmbH 31.03.2011 5,93MB 5.0
PhotoCleaner 02.11.2012
Pixpedia Publisher 3.1.1 1STEIN Corp. 02.12.2011 34,3MB
POLARIS 02.11.2012
Power Druckstudio Gold 1 13.09.2012 454MB
QuickTime Apple Inc. 21.05.2012 73,2MB 7.72.80.56
RAF FUJIFILM Corporation 15.08.2011 1.00.0001
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 02.11.2012 6.0.1.5910
RSA SecurID Software Token RSA, The Security Division of EMC 29.09.2011 19,9MB 4.1.0
RSA Smart Card Middleware 3.5 RSA, The Security Division of EMC 29.09.2011 13,2MB 3.5.3.36
RuntimeInstallieren SIGNAL IDUNA 20.07.2011 2,28MB 1.20.0001
RV-Win 02.11.2012
ScanSnap Manager PFU 20.07.2011 V5.0L21
ScanSnap Organizer PFU 20.07.2011 V4.1L11
ScanSoft PDF Converter 3.0 ScanSoft, Inc 04.10.2011 78,3MB 3.00.0002
SDK - Angebotsprogramm Süddeutsche Krankenversicherung a.G. 15.08.2012 583MB 12.07.30
SIGNAL IDUNA Beratungssoftware freie Vertriebe SIGNAL IDUNA Gruppe 02.11.2012 012.33.0001
Skype™ 5.10 Skype Technologies S.A. 13.09.2012 19,4MB 5.10.116
SQLAnywhere11 02.11.2012
Swiss Life BeraterBüro Intelligent Solution Services AG 05.09.2012 191MB 7.45.0271
Swiss Life EVA 02.11.2012
T-Online 6.0 02.11.2012
TeamViewer 7 TeamViewer 02.11.2012 7.0.15723
trixiKfz trixi informationssysteme GmbH 30.05.2011 46,0MB 17.00.0000
Unterstützungsdateien für Microsoft SQL Server 2008-Setup Microsoft Corporation 31.10.2012 30,0MB 10.3.5500.0
Vereins-Verwaltung Dr. Hartmut Braun 02.11.2012 11.6.07.12
VHV Maklerverwaltungsprogramm VHV Allgemeine Versicherung AG 08.02.2012 1.1.7.0
VHV RECOMAX VHV Allgemeine Versicherung AG 16.01.2012 7.00
VHV-Tarifprogramm VHV Allgemeine Versicherung AG 20.09.2012 50.0.37
VIA-P 12.20 ITERGO GmbH 03.07.2012 2,85GB 12.20
VorsorgePLANER Software für Vorsorge und Finanzplanung GmbH & Co. KG 13.09.2011 123MB 1.0
WebKIS Offline 02.11.2012
Windows Live Essentials Microsoft Corporation 01.09.2011 15.4.3538.0513
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 01.09.2011 5,57MB 15.4.5722.2
Windows-Treiberpaket - Microsoft (USBCCID) SmartCardReader (05/17/2005 5.2.3790.2444) Microsoft 02.11.2012 05/17/2005 5.2.3790.2444
WinRAR 4.11 (32-Bit) win.rar GmbH 02.11.2012 4.11.0
Zoner Photo Studio 12 ZONER software 02.12.2011 164MB 12.0.1.10
Hier die OTL Datei Code:
ATTFilter OTL logfile created on: 02.11.2012 03:51:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Scheuer\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 50,77% Memory free 6,50 Gb Paging File | 4,75 Gb Available in Paging File | 73,15% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 292,97 Gb Total Space | 195,77 Gb Free Space | 66,82% Space Free | Partition Type: NTFS Drive E: | 7,53 Gb Total Space | 1,42 Gb Free Space | 18,85% Space Free | Partition Type: NTFS Drive F: | 172,79 Gb Total Space | 116,20 Gb Free Space | 67,25% Space Free | Partition Type: NTFS Drive G: | 962,07 Mb Total Space | 484,32 Mb Free Space | 50,34% Space Free | Partition Type: FAT32 Computer Name: HAUPT-PC | User Name: Scheuer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Scheuer\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe () PRC - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe () PRC - F:\Versicherungen\InterRisk\WinRiskXA\client\bin\BWUpdater.exe (BISS GmbH) PRC - C:\Program Files\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann) PRC - C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe () PRC - F:\Versicherungen\KOSYMA\update\bserver3.exe (Brainstorm Informatik GmbH) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe (RSA, The Security Division of EMC.) PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation) PRC - C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED) PRC - C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED) PRC - C:\Program Files\PFU\ScanSnap\CardMinder\CardLauncher.exe (PFU LIMITED) PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Windows\System32\PrintDisp.exe (ActMask Co.,Ltd - hxxp://www.all2pdf.com) PRC - C:\Windows\System32\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) PRC - F:\Versicherungen\WebKIS\Tomcat\bin\tomcat5.exe (Apache Software Foundation) PRC - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe (The Firebird Project) PRC - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe (The Firebird Project) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll () MOD - C:\Program Files\WinRAR\rarext.dll () MOD - C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe () MOD - C:\Program Files\Hardcopy\HcDllS.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\Hardcopy\hcdll2_ex_Win32.exe () MOD - C:\Program Files\Hardcopy\hardcopy_03.dll () MOD - C:\Program Files\Hardcopy\HcDLL2_30_Win32.dll () MOD - C:\Program Files\PFU\ScanSnap\Driver\PfuSsConfig.dll () MOD - C:\Program Files\PFU\ScanSnap\Driver\PfuSsExtention.dll () MOD - C:\Program Files\PFU\ScanSnap\CardMinder\CardPath.dll () MOD - C:\Program Files\PFU\ScanSnap\CardMinder\0407\CardConfig0407.dll () MOD - C:\Program Files\PFU\ScanSnap\Driver\SSsltsa.dll () MOD - C:\Program Files\PFU\ScanSnap\Driver\PfuSsImgIO.dll () ========== Services (SafeList) ========== SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (WinRiskXAAppService) -- F:\Versicherungen\InterRisk\WinRiskXA\server\bin\WinRiskXAServer.exe () SRV - (CrmSqlStartupSvc) -- C:\Program Files\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe (Microsoft Corporation) SRV - (MotoHelper) -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe () SRV - (WinRiskXAServiceHandler) -- F:\Versicherungen\InterRisk\WinRiskXA\client\bin\BWServiceHandler.exe () SRV - (WinRiskXASoftwareUpdate) -- F:\Versicherungen\InterRisk\WinRiskXA\client\bin\BWUpdater.exe (BISS GmbH) SRV - (BserverDienst) -- F:\Versicherungen\KOSYMA\update\bserver3.exe (Brainstorm Informatik GmbH) SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (c2wts) -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (Printer Control) -- C:\Windows\System32\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (ApacheTomcatKLV) -- F:\Versicherungen\WebKIS\Tomcat\bin\tomcat5.exe (Apache Software Foundation) SRV - (ARAGHSQL) -- F:\Versicherungen\DB\ABACUS\fp\HsqlService.exe (Multiplan Consultants Limited) SRV - (FirebirdServerDefaultInstance) -- C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe (The Firebird Project) SRV - (FirebirdGuardianDefaultInstance) -- C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe (The Firebird Project) ========== Driver Services (SafeList) ========== DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab) DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab) DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO) DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO) DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab) DRV - (Synth3dVsc) -- C:\Windows\System32\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV - (SSHDRV86) -- C:\Windows\System32\drivers\SSHDRV86.sys () DRV - (RsFx0105) -- C:\Windows\System32\drivers\RsFx0105.sys (Microsoft Corporation) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (tsusbhub) -- C:\Windows\System32\drivers\tsusbhub.sys (Microsoft Corporation) DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation) DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://nachrichten.t-online.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\..\SearchScopes,DefaultScope = {0118E0F7-9F49-4502-AA50-52CF776CA330} IE - HKCU\..\SearchScopes\{0118E0F7-9F49-4502-AA50-52CF776CA330}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.* ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Scheuer\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Scheuer\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2012.11.02 01:57:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2012.11.02 01:57:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2012.11.02 01:57:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.11.02 03:17:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012.11.02 02:00:41 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\mozilla firefox\extensions\quickstores@quickstores.de ========== Chrome ========== CHR - homepage: hxxp://nachrichten.t-online.de/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://nachrichten.t-online.de/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Scheuer\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Scheuer\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Scheuer\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: YouTube = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\ CHR - Extension: SiteRanker = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgldkplledicnbnnliodeffobaiaodaf\1.0.0.0_0\ CHR - Extension: Virtuelle Tastatur = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\ CHR - Extension: Virtuelle Tastatur = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\ CHR - Extension: Google Mail = C:\Users\Scheuer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.11.01 10:19:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [PDF3 Registry Controller] C:\Program Files\ScanSoft\PDF Converter 3.0\RegistryController.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [PrintDisp] C:\Windows\System32\PrintDisp.exe (ActMask Co.,Ltd - hxxp://www.all2pdf.com) O4 - HKLM..\Run: [RSA Card Conversion Utility] C:\Program Files\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe (RSA, The Security Division of EMC.) O4 - HKLM..\Run: [ScanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED) O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" File not found O4 - HKLM..\RunOnce: [BrowserChoice] C:\Windows\System32\browserchoice.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: vhv.de ([maxnet] https in Vertrauenswürdige Sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_10-windows-i586.cab (Java Plug-in 1.4.2_10) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{253A9CB9-9CF4-4CB4-A6C9-48ED5393596E}: DhcpNameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADC195FF-FC71-43F2-BE2B-816D64DB9611}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (msoidssp) - C:\Windows\System32\msoidssp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.08.17 09:16:35 | 000,000,107 | ---- | M] () - E:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.02 03:39:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Scheuer\Desktop\OTL.exe [2012.11.02 03:35:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2012.11.02 03:32:36 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2012.11.02 03:06:02 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012.11.02 03:06:02 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012.11.02 03:05:51 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012.11.02 03:05:51 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012.11.02 03:05:51 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.11.02 03:03:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.11.02 03:01:12 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012.11.02 03:01:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012.11.02 01:49:00 | 000,000,000 | --SD | C] -- C:\Users\Scheuer\AppData\Roaming\Microsoft [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Videos [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Saved Games [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Pictures [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Music [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Links [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Favorites [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Downloads [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Documents [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\Desktop [2012.11.02 01:49:00 | 000,000,000 | R--D | C] -- C:\Users\Scheuer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Vorlagen [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\AppData\Local\Verlauf [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\AppData\Local\Temporary Internet Files [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Startmenü [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\SendTo [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Recent [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Netzwerkumgebung [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Lokale Einstellungen [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Documents\Eigene Videos [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Documents\Eigene Musik [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Eigene Dateien [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Documents\Eigene Bilder [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Druckumgebung [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Cookies [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\AppData\Local\Anwendungsdaten [2012.11.02 01:49:00 | 000,000,000 | -HSD | C] -- C:\Users\Scheuer\Anwendungsdaten [2012.11.02 01:49:00 | 000,000,000 | -H-D | C] -- C:\Users\Scheuer\AppData [2012.11.02 01:49:00 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Local\Temp [2012.11.02 01:49:00 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Local\Microsoft [2012.11.02 01:49:00 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Roaming\Media Center Programs [2012.11.02 01:47:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP [2012.11.02 01:47:45 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.11.02 01:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.11.02 01:45:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012.11.02 01:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.11.02 01:42:14 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.11.02 01:40:20 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.11.02 01:29:31 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q [2012.11.02 01:19:08 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR [2012.11.01 23:59:29 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.11.01 23:53:44 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Local\VS Revo Group [2012.11.01 23:22:15 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2012.11.01 22:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos [2012.11.01 22:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.11.01 22:02:04 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Roaming\Runscanner.net [2012.11.01 22:01:59 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Roaming\LavasoftStatistics [2012.11.01 22:00:54 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Roaming\Ad-Aware Antivirus [2012.11.01 21:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware [2012.11.01 21:54:37 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\Documents\Anti-Malware [2012.11.01 10:04:21 | 004,991,994 | R--- | C] (Swearware) -- C:\Users\Scheuer\Desktop\cofi.exe [2012.11.01 09:14:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012.11.01 09:14:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012.11.01 09:14:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012.11.01 09:14:10 | 000,000,000 | ---D | C] -- C:\Qoobox [2012.11.01 09:13:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012.10.31 14:51:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll [2012.10.31 14:51:11 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll [2012.10.31 14:50:38 | 000,073,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-MSSQL$CRM-sqlctr10.3.5500.0.dll [2012.10.31 14:50:37 | 000,089,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SQSRVRES.DLL [2012.10.31 13:48:13 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Roaming\Malwarebytes [2012.10.31 13:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.31 13:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.10.31 13:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012.10.31 12:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2012.10.31 12:33:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013 [2012.10.31 12:32:09 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP [2012.10.31 12:23:15 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.31 12:23:15 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.31 12:23:15 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.25 14:56:44 | 000,000,000 | -H-D | C] -- C:\Windows\$CrmUninstallKB2739504_Mui_1031$ [2012.10.22 11:42:32 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\Documents\RVWin [2012.10.22 11:42:32 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\AppData\Roaming\RVWIN [2012.10.19 10:36:55 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\Interessantes [2012.10.10 16:37:32 | 000,000,000 | ---D | C] -- C:\Users\Scheuer\Desktop\Fotos_Maria_Elsass [2012.10.08 09:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [2012.10.05 12:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VV Vereinsverwaltung [2012.01.16 11:55:40 | 001,129,320 | ---- | C] (Microsoft Corporation) -- C:\Users\Scheuer\ClientSetupResources.dll [2012.01.16 11:55:40 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Users\Scheuer\SetupClient.exe [2012.01.16 11:55:40 | 000,354,664 | ---- | C] (Microsoft Corporation) -- C:\Users\Scheuer\ClientSetup.dll [2010.10.28 04:34:50 | 004,368,744 | ---- | C] (Microsoft Corporation) -- C:\Users\Scheuer\mfc100u.dll [2010.10.26 19:08:50 | 000,770,384 | ---- | C] (Microsoft Corporation) -- C:\Users\Scheuer\msvcr100.dll [2010.10.26 19:08:50 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Users\Scheuer\msvcp100.dll [2010.10.26 19:08:50 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Users\Scheuer\mfcm100u.dll [2009.12.01 14:40:19 | 001,495,824 | ---- | C] (Hewlett-Packard Development Company, L.P. ) -- C:\Users\Scheuer\Lantreiber.exe [2009.01.15 17:40:18 | 184,521,568 | ---- | C] (T-Online) -- C:\Users\Scheuer\T-Online_6.0.exe [2009.01.10 11:52:21 | 017,788,641 | ---- | C] (VHV ) -- C:\Users\Scheuer\VHV_23.4.00.i.exe [2009.01.10 11:52:21 | 004,849,303 | ---- | C] (SDK) -- C:\Users\Scheuer\slp_kv_setup.exe [2009.01.10 11:52:19 | 002,633,928 | ---- | C] (Sammsoft ) -- C:\Users\Scheuer\AROTrial.exe [2009.01.10 11:52:19 | 000,153,744 | ---- | C] (Symantec Corporation) -- C:\Users\Scheuer\fixkorgo.exe ========== Files - Modified Within 30 Days ========== [2012.11.02 03:43:01 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2099175409-3244923250-3961599458-1000UA.job [2012.11.02 03:39:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Scheuer\Desktop\OTL.exe [2012.11.02 03:21:57 | 000,826,836 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.02 03:21:57 | 000,779,848 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.02 03:21:57 | 000,196,370 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.02 03:21:57 | 000,168,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.11.02 03:20:38 | 000,023,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.02 03:20:38 | 000,023,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.02 03:16:01 | 000,004,838 | ---- | M] () -- C:\Windows\gauss.ini [2012.11.02 03:15:02 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.02 03:14:33 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\sgugfj.job [2012.11.02 03:14:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.02 03:14:12 | 2616,684,544 | -HS- | M] () -- C:\hiberfil.sys [2012.11.02 03:12:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.02 03:10:48 | 000,413,106 | RHS- | M] () -- C:\FTSMQ [2012.11.02 03:10:48 | 000,000,020 | RHS- | M] () -- C:\win7.ld [2012.11.02 03:00:36 | 000,161,548 | ---- | M] () -- C:\Windows\System32\license.rtf [2012.11.02 03:00:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.02 02:49:12 | 000,022,140 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat [2012.11.02 02:45:20 | 000,543,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.11.02 01:46:08 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012.11.02 01:45:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.11.02 01:40:07 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012.11.02 00:20:37 | 000,003,368 | ---- | M] () -- C:\Users\Scheuer\Desktop\Windows-Kompatibilitätsbericht.htm [2012.11.02 00:16:15 | 000,002,543 | ---- | M] () -- C:\Windows\diagwrn.xml [2012.11.02 00:16:15 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml [2012.11.01 10:19:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012.11.01 09:15:44 | 000,002,470 | ---- | M] () -- C:\Windows\ODBC.INI [2012.11.01 09:11:03 | 004,991,994 | R--- | M] (Swearware) -- C:\Users\Scheuer\Desktop\cofi.exe [2012.11.01 08:41:05 | 000,001,086 | ---- | M] () -- C:\Users\Scheuer\Documents\cc_20121101_084102.reg [2012.10.31 17:01:20 | 000,016,974 | ---- | M] () -- C:\Windows\VFRAME32.INI [2012.10.31 16:55:37 | 000,000,904 | ---- | M] () -- C:\Windows\VPMS.INI [2012.10.31 15:53:30 | 000,001,572 | ---- | M] () -- C:\Windows\VFORTSCH.INI [2012.10.31 13:14:31 | 000,587,096 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2012.10.31 13:14:31 | 000,025,944 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klmouflt.sys [2012.10.31 13:14:31 | 000,025,944 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klkbdflt.sys [2012.10.31 12:59:04 | 000,038,858 | ---- | M] () -- C:\Users\Scheuer\Documents\cc_20121031_125859.reg [2012.10.31 12:53:28 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.31 10:43:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2099175409-3244923250-3961599458-1000Core.job [2012.10.31 10:14:42 | 000,001,027 | ---- | M] () -- C:\Users\Scheuer\Desktop\KV-Rational neu.lnk [2012.10.30 17:10:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf [2012.10.30 11:23:22 | 000,000,358 | ---- | M] () -- C:\Windows\ktel.ini [2012.10.29 17:47:45 | 000,000,697 | ---- | M] () -- C:\Windows\AdrBook.INI [2012.10.22 17:02:48 | 000,000,185 | ---- | M] () -- C:\Users\Scheuer\AppData\Roaming\CASUpdateSkip.lst [2012.10.17 14:38:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf [2012.10.15 12:28:07 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.15 12:28:07 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.15 11:24:12 | 000,001,268 | ---- | M] () -- C:\Windows\NSECOL2.WIN [2012.10.11 08:41:34 | 000,155,810 | ---- | M] () -- C:\Users\Scheuer\Desktop\MVPExport.CSV [2012.10.09 10:29:09 | 000,023,214 | ---- | M] () -- C:\Windows\unins000.dat [2012.10.09 10:28:39 | 000,716,810 | ---- | M] () -- C:\Windows\unins000.exe [2012.10.05 12:46:25 | 000,000,520 | ---- | M] () -- C:\Users\Public\Desktop\Vereins-Verwaltung.lnk ========== Files Created - No Company Name ========== [2012.11.02 03:10:48 | 000,413,106 | RHS- | C] () -- C:\FTSMQ [2012.11.02 03:10:48 | 000,000,020 | RHS- | C] () -- C:\win7.ld [2012.11.02 03:08:49 | 000,001,422 | ---- | C] () -- C:\Users\Scheuer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.11.02 03:02:03 | 2616,684,544 | -HS- | C] () -- C:\hiberfil.sys [2012.11.02 02:49:12 | 000,022,140 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat [2012.11.02 01:47:05 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.11.02 01:46:53 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.11.02 01:46:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.11.02 01:45:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.11.02 01:11:09 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012.11.02 00:08:07 | 000,003,368 | ---- | C] () -- C:\Users\Scheuer\Desktop\Windows-Kompatibilitätsbericht.htm [2012.11.02 00:01:54 | 000,002,543 | ---- | C] () -- C:\Windows\diagwrn.xml [2012.11.02 00:01:54 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml [2012.11.01 09:14:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.11.01 09:14:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.11.01 09:14:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.11.01 09:14:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.11.01 09:14:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.11.01 08:41:04 | 000,001,086 | ---- | C] () -- C:\Users\Scheuer\Documents\cc_20121101_084102.reg [2012.10.31 12:59:02 | 000,038,858 | ---- | C] () -- C:\Users\Scheuer\Documents\cc_20121031_125859.reg [2012.10.30 17:10:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf [2012.10.17 14:38:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf [2012.10.15 11:24:12 | 000,001,268 | ---- | C] () -- C:\Windows\NSECOL2.WIN [2012.10.09 10:29:03 | 000,716,810 | ---- | C] () -- C:\Windows\unins000.exe [2012.10.05 12:46:25 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\Vereins-Verwaltung.lnk [2012.09.03 13:10:18 | 000,122,880 | RHS- | C] () -- C:\Windows\System32\SSShim8.dll [2012.08.22 15:01:26 | 000,000,094 | ---- | C] () -- C:\Windows\BBU.INI [2012.08.22 15:01:02 | 000,000,481 | ---- | C] () -- C:\Windows\BTI.INI [2012.08.22 15:00:49 | 000,100,864 | ---- | C] () -- C:\Windows\WDBUUI32.DLL [2012.08.22 15:00:49 | 000,065,536 | ---- | C] () -- C:\Windows\WDBUMK32.DLL [2012.08.22 15:00:48 | 000,320,512 | ---- | C] () -- C:\Windows\System32\W32MKDE.EXE [2012.08.22 15:00:48 | 000,110,080 | ---- | C] () -- C:\Windows\System32\W32MKRC.DLL [2012.08.22 15:00:48 | 000,101,888 | ---- | C] () -- C:\Windows\BUTIL.DLL [2012.08.22 15:00:48 | 000,053,248 | ---- | C] () -- C:\Windows\BUTIL.EXE [2012.08.22 15:00:48 | 000,041,472 | ---- | C] () -- C:\Windows\System32\r32.exe [2012.08.22 15:00:48 | 000,012,288 | ---- | C] () -- C:\Windows\System32\REGOCX32.EXE [2012.08.22 15:00:47 | 000,038,576 | ---- | C] () -- C:\Windows\System32\NWLOCALE.DLL [2012.08.09 14:18:44 | 000,000,084 | ---- | C] () -- C:\Users\Scheuer\axa-bt.ini [2012.07.04 12:37:58 | 000,000,064 | ---- | C] () -- C:\Users\Scheuer\btFrame.user [2012.07.03 17:07:15 | 000,000,426 | ---- | C] () -- C:\Windows\VICTORIA.INI [2012.06.27 17:10:16 | 000,000,697 | ---- | C] () -- C:\Windows\AdrBook.INI [2012.05.14 10:25:31 | 000,002,859 | ---- | C] () -- C:\Windows\HME_ISIS32E.INI [2012.05.09 03:28:25 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2012.04.24 11:55:31 | 000,000,345 | ---- | C] () -- C:\Users\Scheuer\AppData\Roaming\CASDruckstuecke.ini [2012.04.20 15:17:59 | 000,081,408 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV86.sys [2012.04.20 15:14:03 | 000,025,600 | ---- | C] () -- C:\Windows\System32\VADE232.DLL [2012.04.20 15:14:02 | 000,544,256 | ---- | C] () -- C:\Windows\System32\ChangeGraphics.dll [2012.03.13 14:01:12 | 000,029,567 | ---- | C] () -- C:\Windows\kubus.ini [2012.02.21 16:07:06 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini [2012.02.01 11:04:38 | 000,000,065 | ---- | C] () -- C:\Windows\BADENIA.INI [2012.01.16 17:42:12 | 009,387,008 | ---- | C] () -- C:\Users\Scheuer\Client.msi [2012.01.16 17:42:12 | 005,029,376 | ---- | C] () -- C:\Users\Scheuer\MUISetup_1031_i386.msi [2012.01.11 13:06:52 | 000,000,999 | ---- | C] () -- C:\Windows\BECCOLOR.INI [2012.01.09 13:49:08 | 000,000,343 | ---- | C] () -- C:\Users\Scheuer\SpawnCmd.js [2012.01.09 13:36:28 | 000,097,120 | ---- | C] () -- C:\Users\Scheuer\EnvironmentDiagnostics.chm [2012.01.09 13:36:28 | 000,007,452 | ---- | C] () -- C:\Users\Scheuer\Readme.htm [2011.12.19 13:38:41 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011.11.29 13:39:03 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lbj.ini [2011.11.22 15:09:53 | 000,000,026 | ---- | C] () -- C:\Windows\AFORTSCH.INI [2011.11.10 11:03:45 | 000,317,440 | ---- | C] () -- C:\Windows\UninsVHV.exe [2011.11.10 10:44:21 | 000,016,974 | ---- | C] () -- C:\Windows\VFRAME32.INI [2011.11.09 10:56:52 | 000,000,103 | ---- | C] () -- C:\Windows\VHV_SicherungRuecksicherung.ini [2011.11.09 10:50:57 | 000,000,904 | ---- | C] () -- C:\Windows\VPMS.INI [2011.11.09 10:50:31 | 000,000,000 | ---- | C] () -- C:\Windows\VMAPO.DAT [2011.10.10 13:31:31 | 000,000,045 | ---- | C] () -- C:\Windows\MVOPT.INI [2011.10.10 13:31:30 | 000,000,006 | ---- | C] () -- C:\Windows\MV-CD.INI [2011.10.10 13:29:46 | 000,000,000 | ---- | C] () -- C:\Program Files\Version.ini [2011.09.29 14:11:03 | 000,104,651 | ---- | C] () -- C:\Users\Scheuer\OS_2001_nachtrag_78586240_20110721_023618.pdf [2011.09.13 09:41:14 | 000,000,331 | ---- | C] () -- C:\Windows\axabt.ini [2011.09.13 09:41:14 | 000,000,052 | ---- | C] () -- C:\Windows\axae.ini [2011.09.13 09:41:12 | 000,005,968 | ---- | C] () -- C:\Windows\alias.ini [2011.09.13 09:41:07 | 000,005,128 | ---- | C] () -- C:\Windows\vfrx.ini [2011.08.30 09:41:36 | 000,023,214 | ---- | C] () -- C:\Windows\unins000.dat [2011.08.25 13:47:30 | 000,255,848 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2011.08.08 10:04:57 | 000,001,572 | ---- | C] () -- C:\Windows\VFORTSCH.INI [2011.08.02 10:27:44 | 000,104,614 | ---- | C] () -- C:\Windows\arj.exe [2011.08.02 10:27:44 | 000,004,838 | ---- | C] () -- C:\Windows\gauss.ini [2011.07.27 16:12:23 | 000,691,200 | ---- | C] () -- C:\Windows\System32\PrintLog.exe [2011.07.27 16:12:23 | 000,524,288 | ---- | C] () -- C:\Windows\System32\PrtPass.exe [2011.07.27 12:42:31 | 000,000,185 | ---- | C] () -- C:\Users\Scheuer\AppData\Roaming\CASUpdateSkip.lst [2011.07.27 12:40:55 | 000,000,044 | ---- | C] () -- C:\Windows\VOPTCON.INI [2011.07.20 10:21:08 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI [2011.07.20 10:19:04 | 000,000,842 | ---- | C] () -- C:\Windows\VPL_Apps.ini [2011.07.20 10:18:53 | 000,000,395 | ---- | C] () -- C:\Windows\gsall.ini [2011.07.20 10:03:41 | 000,001,068 | ---- | C] () -- C:\Windows\DOCS.INI [2011.07.19 15:12:37 | 000,195,072 | ---- | C] () -- C:\Windows\System32\Msodeger.dll [2011.05.31 11:36:16 | 000,001,603 | ---- | C] () -- C:\Windows\CAF.INI [2011.05.31 11:36:16 | 000,000,429 | ---- | C] () -- C:\Windows\allianzl.ini [2011.05.31 11:35:13 | 000,003,213 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011.05.31 11:35:13 | 000,002,470 | ---- | C] () -- C:\Windows\ODBC.INI [2011.05.31 11:32:40 | 000,012,338 | ---- | C] () -- C:\Windows\Tabaus.ini [2011.04.12 02:30:05 | 000,826,836 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2011.04.12 02:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2011.04.12 02:30:05 | 000,196,370 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2011.04.12 02:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2011.04.11 17:32:23 | 000,156,242 | ---- | C] () -- C:\Users\Scheuer\Tamer_Mahmoud.pdf [2011.02.09 16:24:42 | 000,000,358 | ---- | C] () -- C:\Windows\ktel.ini [2010.11.20 22:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010.11.20 22:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2010.10.26 19:15:44 | 000,119,751 | ---- | C] () -- C:\Users\Scheuer\MSCRMClientEULA.rtf [2010.10.26 19:06:24 | 000,000,530 | ---- | C] () -- C:\Users\Scheuer\Default_Client_Config.xml [2010.09.08 16:52:28 | 000,015,679 | ---- | C] () -- C:\Users\Scheuer\invoice-10110095-o-140410-c-123219-d-20100908.pdf [2010.08.10 10:01:07 | 000,122,098 | ---- | C] () -- C:\Users\Scheuer\nacktes_päpstle_Seite_1.jpg [2010.08.10 10:01:07 | 000,113,572 | ---- | C] () -- C:\Users\Scheuer\nacktes_päpstle_Seite_2.jpg [2010.08.10 10:01:07 | 000,059,154 | ---- | C] () -- C:\Users\Scheuer\nacktes_päpstle_Seite_3.jpg [2010.08.10 09:50:58 | 000,328,865 | ---- | C] () -- C:\Users\Scheuer\nacktes_päpstle.pdf [2010.08.05 12:16:24 | 004,233,414 | ---- | C] () -- C:\Users\Scheuer\hp_clj4600_handbuch.pdf [2010.07.07 14:05:33 | 017,780,906 | ---- | C] () -- C:\Users\Scheuer\BedienungsanleitungWebPortalBedienungsanleitungWebPortal.pdf [2010.05.31 11:59:31 | 000,103,403 | ---- | C] () -- C:\Users\Scheuer\roter Mohn.jpg [2010.05.31 11:59:12 | 000,125,985 | ---- | C] () -- C:\Users\Scheuer\Katze.jpg [2010.05.31 11:58:40 | 000,128,943 | ---- | C] () -- C:\Users\Scheuer\3 Pfingstrosen.jpg [2010.04.07 13:06:31 | 000,135,116 | ---- | C] () -- C:\Users\Scheuer\Widmann_EDV.pdf [2010.03.31 10:35:50 | 000,178,127 | ---- | C] () -- C:\Users\Scheuer\Dervisbegovic_Senija.pdf [2010.01.29 16:36:28 | 000,211,572 | ---- | C] () -- C:\Users\Scheuer\DVD_Label.jpg [2010.01.13 18:31:48 | 000,019,117 | ---- | C] () -- C:\Users\Scheuer\Intersky.mht [2010.01.07 12:32:07 | 000,349,313 | ---- | C] () -- C:\Users\Scheuer\Condor_Download_20100107_123157.zip [2010.01.05 19:03:31 | 000,042,931 | ---- | C] () -- C:\Users\Scheuer\WeiFei09_031.JPG [2009.11.12 14:39:54 | 000,567,191 | ---- | C] () -- C:\Users\Scheuer\Ausweis_2.jpg [2009.11.12 14:39:28 | 000,690,307 | ---- | C] () -- C:\Users\Scheuer\ausweis_1.jpg [2009.11.04 11:46:47 | 000,305,202 | ---- | C] () -- C:\Users\Scheuer\Daten & Gebühren UBS (LUX) KEY SELECTION SICAV - GLOBAL ALLOCATION (EUR) B Fonds A0B8QJ LU0197216558.mht [2009.11.03 18:41:38 | 000,095,376 | ---- | C] () -- C:\Users\Scheuer\Hitparade_2009.pdf [2009.06.22 13:41:40 | 000,048,226 | ---- | C] () -- C:\Users\Scheuer\PGGZVF_ 061.jpg [2009.06.09 12:14:41 | 000,052,668 | ---- | C] () -- C:\Users\Scheuer\Rechtsschutzversicherung.htm [2009.04.24 16:31:07 | 000,016,257 | ---- | C] () -- C:\Users\Scheuer\Adressbuch_2.ldif [2009.04.03 10:40:29 | 000,027,850 | ---- | C] () -- C:\Users\Scheuer\formular_rtf.rtf [2009.03.19 15:38:28 | 000,444,942 | ---- | C] () -- C:\Users\Scheuer\Aufnahmefähigkeit 001.jpg [2009.03.19 15:28:08 | 000,190,987 | ---- | C] () -- C:\Users\Scheuer\Meldebestätigung.jpg [2009.02.25 11:29:43 | 003,546,098 | ---- | C] () -- C:\Users\Scheuer\siemens_gigaset_c325.pdf [2009.02.16 12:34:20 | 000,032,893 | ---- | C] () -- C:\Users\Scheuer\iTunes Softwarelizenz.rtf [2009.02.11 15:27:09 | 015,768,645 | ---- | C] () -- C:\Users\Scheuer\iPhone_Benutzerhandbuch.pdf [2009.02.10 10:30:59 | 000,234,796 | ---- | C] () -- C:\Users\Scheuer\Google Maps.mht [2009.01.21 18:18:03 | 000,072,120 | ---- | C] () -- C:\Users\Scheuer\Anfahrtshilfe.jpg [2009.01.10 11:52:22 | 000,062,855 | ---- | C] () -- C:\Users\Scheuer\Vogelgrippe_Merkblatt_Wassersportler1.pdf [2009.01.10 11:52:21 | 002,508,528 | ---- | C] () -- C:\Users\Scheuer\SetupProKasse50.EXE [2009.01.10 11:52:21 | 000,138,192 | ---- | C] () -- C:\Users\Scheuer\SCHNEESCHUHPROFI-Tipps und Infos_pdf.htm [2009.01.10 11:52:21 | 000,090,933 | ---- | C] () -- C:\Users\Scheuer\Versicherungsbestätigung.pdf [2009.01.10 11:52:21 | 000,013,020 | ---- | C] () -- C:\Users\Scheuer\Quarta_Antonio_2.jpg [2009.01.10 11:52:21 | 000,000,604 | ---- | C] () -- C:\Users\Scheuer\privat.p7b [2009.01.10 11:52:20 | 005,272,954 | ---- | C] () -- C:\Users\Scheuer\neptun_27_Prospekt_neu_pdf.htm [2009.01.10 11:52:20 | 000,042,676 | ---- | C] () -- C:\Users\Scheuer\kfz_kaufvertrag.pdf [2009.01.10 11:52:20 | 000,002,304 | ---- | C] () -- C:\Users\Scheuer\LOCKFILE.dat [2009.01.10 11:52:20 | 000,000,000 | ---- | C] () -- C:\Users\Scheuer\PDVD_MediaDisc.PlayList [2009.01.10 11:52:19 | 002,768,896 | ---- | C] () -- C:\Users\Scheuer\kddat32_2006-08-07_15-25-18.mde [2009.01.10 11:52:19 | 001,228,918 | ---- | C] () -- C:\Users\Scheuer\Image.nrg [2009.01.10 11:52:19 | 000,955,771 | ---- | C] () -- C:\Users\Scheuer\ISO1.nri [2009.01.10 11:52:19 | 000,376,832 | ---- | C] () -- C:\Users\Scheuer\EVAAntragPatch.exe [2009.01.10 11:52:19 | 000,194,519 | ---- | C] () -- C:\Users\Scheuer\karte2_Allensbach.gif [2009.01.10 11:52:19 | 000,174,309 | R--- | C] () -- C:\Users\Scheuer\DSC01198_Föllmer9..JPG [2009.01.10 11:52:19 | 000,166,743 | ---- | C] () -- C:\Users\Scheuer\IMG_4155.JPG [2009.01.10 11:52:19 | 000,160,324 | ---- | C] () -- C:\Users\Scheuer\IMG_4156.JPG [2009.01.10 11:52:19 | 000,062,625 | ---- | C] () -- C:\Users\Scheuer\Geiselmann_2.jpg [2009.01.10 11:52:19 | 000,053,683 | ---- | C] () -- C:\Users\Scheuer\Bootszulassung1.jpg [2009.01.10 11:52:19 | 000,012,983 | ---- | C] () -- C:\Users\Scheuer\CVersicherungenCSoftworkVorschlag.pdf [2009.01.10 11:52:19 | 000,002,693 | ---- | C] () -- C:\Users\Scheuer\Einstel.xml [2009.01.09 12:49:57 | 000,000,027 | ---- | C] () -- C:\Users\Scheuer\version.ini ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.09.16 15:18:53 | 012,874,752 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.11.02 02:27:51 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\1&1 Mail & Media GmbH [2012.11.02 02:27:51 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Ad-Aware Antivirus [2012.11.02 02:27:51 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\apkv [2012.11.02 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\AquaSoft [2011.12.02 15:49:24 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Ashampoo Slideshow Studio Elements [2011.12.02 14:47:34 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Burn4U [2012.11.02 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Byngo [2012.11.02 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\CodedColor [2012.11.02 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1 [2012.04.05 16:35:20 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Elektra [2012.11.02 02:28:33 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Foxit Software [2012.11.02 02:28:33 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Fujitsu [2012.11.02 02:28:33 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Garmin [2012.11.02 02:28:33 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\HanseMerkurISAMA [2012.11.02 02:28:35 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\HartlauerFotoService3 [2012.11.02 02:28:35 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\IrfanView [2012.11.02 02:28:35 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\klickTel [2012.11.02 02:28:36 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\MAGIX [2012.11.02 02:28:43 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Motorola [2012.11.02 02:28:44 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Notepad++ [2012.11.02 02:28:44 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\PFU [2012.11.02 02:28:44 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\PhotoCleaner [2012.11.02 02:28:45 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Pixpedia Publisher [2012.11.02 02:28:45 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Runscanner.net [2012.11.02 02:28:45 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\RVWIN [2012.11.02 02:28:45 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\SiteRanker [2012.11.02 02:28:45 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\SQL Anywhere 11 [2012.11.02 02:28:45 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\SwissLife [2012.11.02 02:28:45 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\T-Online [2012.11.02 02:29:00 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\TeamViewer [2012.11.02 02:29:00 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\VHV [2012.06.25 09:33:14 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Windows Live Writer [2012.11.02 02:29:01 | 000,000,000 | ---D | M] -- C:\Users\Scheuer\AppData\Roaming\Zoner ========== Purity Check ========== < End of report > Hier der OTL Extras Logfile Code:
ATTFilter OTL Extras logfile created on: 02.11.2012 03:51:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Scheuer\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 50,77% Memory free
6,50 Gb Paging File | 4,75 Gb Available in Paging File | 73,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,97 Gb Total Space | 195,77 Gb Free Space | 66,82% Space Free | Partition Type: NTFS
Drive E: | 7,53 Gb Total Space | 1,42 Gb Free Space | 18,85% Space Free | Partition Type: NTFS
Drive F: | 172,79 Gb Total Space | 116,20 Gb Free Space | 67,25% Space Free | Partition Type: NTFS
Drive G: | 962,07 Mb Total Space | 484,32 Mb Free Space | 50,34% Space Free | Partition Type: FAT32
Computer Name: HAUPT-PC | User Name: Scheuer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [userfull] -- cmd.exe /c takeown /f "%1" /r /d j && icacls "%1" /grant Benutzer:F /T /C /L (Microsoft Corporation)
Directory [usernormal] -- cmd.exe /c icacls "%1" /reset /T /C /L (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{039F9D0B-1C98-4C64-814C-9D26F7BCA855}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{19A940B6-6851-4B49-AA92-A6EE1507FFF5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1FB7D58E-6F2E-4D17-AA48-6327C39237E7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2020BF51-E221-4550-B055-D37CFB4E8673}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{319D0111-F4A7-4618-ACA5-3CFA7544B11C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{31D8B164-EDFF-4A29-A8CA-D90389E4466D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{572CFD24-5A5A-495C-A3B6-F68FBFEC2EB5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7B110DD4-D586-4FE1-AD77-E7CCDA95DD9A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A13AA54C-AF4E-4D7C-AEFB-9D651FF532C2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A8D3BF54-D1DB-4988-8B3A-F709E3D3A6BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ADA4B0DE-A358-48AC-A217-6658CA6CDF41}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF569B48-B5A8-4782-994C-F199808F91FC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D407F147-3836-45B4-BF55-B0FBEDC0FCF7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E0985840-0281-441A-A499-7B960708AFEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FECCAFED-91D1-41FD-82F6-9D9724BE2925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010848A9-E178-4B55-AF0F-7C63D4D869AB}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{085F3FB5-C6E7-4506-8B67-F471512D2729}" = protocol=6 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\vhvmvpclient.exe |
"{093649AD-F5FF-411B-ACCD-526E80812041}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{126FE23E-3587-415D-B17A-60748A671428}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{130A7FD7-00C6-4F9F-B3BA-7DAE43EA8D8A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{162643AE-963B-48C7-9A47-67B4443FC7F8}" = protocol=6 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{18B3C4CA-6DFC-47B7-A278-4CF38483C194}" = protocol=6 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\jre\bin\java.exe |
"{1910BC65-2D75-432D-814F-511A1B8D98DD}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{22F5C0FD-7210-44EE-BCFE-2486A837C806}" = protocol=6 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{2754EE62-A146-4128-9221-88EE6DED84C3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2A450943-9F79-4EF6-8C47-7E4EDC453894}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{31999F69-4932-4E43-B809-E443C00F5E24}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{333E60CB-5104-489B-A8B6-75E97DB64577}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3EE622ED-6482-4E11-B66F-55AF32D9BA56}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{467A8882-A706-4F47-BB76-5C406DFBC8C0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{49C6A332-BAE0-48CE-83DE-915FDB799034}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{4A41FC8A-CBCF-4903-855A-33809E311816}" = protocol=17 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\jre\bin\java.exe |
"{4C3105AD-DA4E-4512-B13E-ED7BB179651E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{5468CDA1-F4DC-44D4-88E7-B9DBC60158B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5482D99C-3A4B-448B-BEC2-94858CC2C1FE}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{5AB3D55B-26F0-4A9C-B7D6-8C06D83BEBD1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{5B016F55-5F64-4A87-87BE-8E9B6DA991C5}" = protocol=6 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{5D8E4E4D-E985-4BD1-A36C-CDBBC2B47CFD}" = protocol=6 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{5FB6C874-9CDE-474F-8C3D-C9B279BE010C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65A681E1-C556-4A1B-899F-CCDED8F1E9AC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{688FA4B3-F5EC-4C31-9BD7-382B1EB4E88C}" = protocol=6 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{71AC7B92-B550-405D-8879-A9C80E8ACDD6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7786C7C5-38AF-4DF9-A246-BBB6F426B79B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{78222845-262E-4C4E-8883-5BCA858910EA}" = protocol=6 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{7D1638B9-8A32-4F90-BD6D-A91FD282CE01}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{8623013B-8D49-4F3F-88B5-3A8B0B928010}" = protocol=6 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{8B4D2771-6CFB-4C97-B6F8-0513E53640D3}" = protocol=17 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\jre\bin\java.exe |
"{9429C969-E3A8-46F6-B7EB-9B8A7F6B00B3}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{9AC63C6E-EF60-406C-8C59-734908370281}" = protocol=17 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{9B413351-5600-4079-A8D1-33A6B2ECEEB9}" = protocol=6 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\jre\bin\java.exe |
"{9E14C388-82EC-40A6-A5AD-B13E4A7E2446}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{9EEA2C8A-E0CF-4B3F-9F3D-33B78FF9EBB6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A03ED4D6-8978-43C5-A232-BF2F6BBFA0DF}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{AAB5F187-5556-4E89-BF9B-D803D215CBA3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ABB0B2C1-7AD4-4A35-AC6F-B7D26103D9CD}" = protocol=17 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{ACC34735-C8BC-4FE2-BA71-241E9D341E7A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AECF5E17-E285-442C-B5FB-616708034E04}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{B43DEAFD-55E6-4F06-A1AF-F08A16A349CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B78E47E7-4FE4-4B8C-B0B6-DE7561C8D616}" = protocol=17 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\vhvmvpclient.exe |
"{BB0BC0A2-42B4-4088-8CAE-DCFE4E355471}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB6096C9-21C0-4CCB-AC66-FC80B08D4640}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{BEEDCA98-1C2C-404D-8D27-610DD71A9DB2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BF887BAD-F690-4103-8C9E-39902A8435FE}" = protocol=17 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{C5B6B44D-2278-46E5-BA87-E372D7CBF4AE}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{C601E2E0-1BB2-40AB-B30D-64DEC44EA26D}" = protocol=17 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{C6955C60-9537-45EF-B9BE-D275A59D9B6E}" = protocol=6 | dir=out | app=system |
"{C8424C45-4A52-4B3C-9B2A-4E70BE2B1263}" = protocol=17 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{C88C0988-7CED-41F4-A123-B9838467926D}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{D24B5DC5-5C13-4775-BBA9-98F468B19F8F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D692402A-D835-4E91-BD70-F5FBBD9F0F8B}" = protocol=17 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{D7B7F914-1B16-4190-9D34-C85D40EC4060}" = protocol=17 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{DA33C63A-8F78-492E-A53B-660E3AF62694}" = protocol=6 | dir=in | app=c:\program files\vhv hannover\vpl_apps\versandzentrale\vhvkommunikationszentrale.exe |
"{E7654D6F-7A02-44CA-866B-92A7EEB20560}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{E952B21A-92DC-43DE-BB17-07897DD6A358}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{F9B71874-E363-4A82-B48E-5B1C756B85E1}" = protocol=6 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\vhvmvpclient.exe |
"{FAE19A7D-72FE-4B65-886E-68D2F9ED2E3D}" = protocol=17 | dir=in | app=f:\versicherungen\vhv\vhv tarifprogramm\vpl_apps\versandzentrale\jre\bin\javaw.exe |
"{FB5159E6-13A6-4168-87EC-01210AB4DB48}" = protocol=17 | dir=in | app=c:\vhv\vhv maklerverwaltungsprogramm\kommz\vhvmvpclient.exe |
"TCP Query User{A6186E83-E4E4-46D3-ABEF-FAD044E6F516}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C7AF121F-7EAF-4E90-9E32-929AABA9A730}F:\versicherungen\java\arag_jre1.5.0_19\bin\java.exe" = protocol=6 | dir=in | app=f:\versicherungen\java\arag_jre1.5.0_19\bin\java.exe |
"UDP Query User{8C17FDA2-2F46-4DF6-8558-38854A3C642C}F:\versicherungen\java\arag_jre1.5.0_19\bin\java.exe" = protocol=17 | dir=in | app=f:\versicherungen\java\arag_jre1.5.0_19\bin\java.exe |
"UDP Query User{F4976A73-6FC9-4999-B3C0-578E45A3AC31}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00180407-78E1-11D2-B60F-006097C998E7}" = Microsoft Access 2000 SR-1 Runtime
"{01FE12C6-DEEA-492F-86F9-DD94D8E5DC95}" = MAGIX Foto Premium 9
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{02DDD716-E180-4367-9E18-576BD000EEFC}" = Swiss Life BeraterBüro
"{0340FC65-9ED5-42AF-9791-961F5AB154DA}" = CAP GEV Child
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{060c0bc3-df11-4bb3-8815-627c8c243fb0}.sdb" = MV-Makler-und-ADP
"{0712638F-559B-4F49-B8BE-BF3AAEE54A38}" = ScanSnap
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C524D20-0407-0050-8A9E-0C4C490E4E54}" = Microsoft Dynamics CRM 2011 für Microsoft Office Outlook
"{0C524DC1-0407-0050-8121-88490F4D5549}" = Microsoft Dynamics CRM 2011 Language Pack für German
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1269ED0D-BFDB-439D-988C-01AC2125FD10}" = Dialog Tarifprogramm
"{13F054F3-0B07-4D15-9E80-C55B496AB557}" = Garmin Communicator Plugin
"{150F9D4D-F555-41BB-AF49-D9DA8F53A82D}" = KUBUS light ERGO
"{159EC8B7-6866-42BE-9CC6-46E7FC2A9A73}" = TransSELEKT
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{17E7B2A7-5724-4512-ACAF-C8A8A7B31587}" = MAGIX Speed 2 (MSI)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24C4AC5A-67A4-4E1D-B30C-8C7A01712607}" = RSA SecurID Software Token
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{26FA3721-E325-44DE-8318-6FA434F2A064}" = CardMinder V4.0
"{280E91D7-BBA8-42A2-8F45-00FD89E454B0}_is1" = HanseMerkur ISA Service Extensions
"{2A0FC4FF-8818-4648-A4F2-93D16DB3EF29}" = Updateservice GEV
"{2A231800-A7CF-4223-B8A3-1FD9057BAE96}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (KIS)
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FF11610-5CB9-4A10-8572-470256CD9878}" = RuntimeInstallieren
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{383217E3-8F0C-4B85-92B5-6B579A52B0F1}" = AOWin2010
"{383217E3-8F0C-4B85-92B5-6B579A52B0FC}" = AOWin2010
"{39D6D822-4BB4-46D5-90C8-8C1E5837CEBD}" = klickTel Telefon- und Branchenbuch + Rückwärtssuche Herbst 2011
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{49C1A51C-7A09-49AE-9447-90D3945FC6A7}" = MAGIX Screenshare
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4E266E5D-F9A6-4AF4-9431-679CF35C25AD}" = Moreba GEV
"{4E8026BF-F024-44D4-8299-3F4694636825}" = ScanSoft PDF Converter 3.0
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{539A0EAA-E1BB-4163-9C1E-6C8BF4A17FA2}" = Microsoft SQL Server 2008 Native Client
"{53CFF9B1-4ED7-4114-8ECF-ADD13BC8AC57}" = VHV RECOMAX
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{54FA5000-9FF8-47D5-BF65-4A17BE040242}" = klickTel Telefon- und Branchenbuch + Rückwärtssuche Herbst 2010
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5AE34761-0D70-4E9A-BF4B-BE366D9E0478}" = ElektrALight
"{5F8F65CC-787E-4DD6-95ED-07DF214DBDB3}" = trixiKfz
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{602A58C3-BDF2-4B8A-B9D3-B6D9BACA386A}" = Dir-It!
"{61ED7FB5-495E-4BA7-B4EA-D8E0077353FE}_is1" = Power Druckstudio Gold 1
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6474E823-3AB2-FFE2-08B2-D1AF0DA1AAA7}" = myphotobook.de
"{6481496E-555D-4BE5-83F2-55C6C2851A48}" = Beratungsprotokolle
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C12B6BF-3891-497B-B5CA-3D64DA093947}" = Motorola Mobile Drivers Installation 5.4.0
"{6DD40B68-1851-4BBD-AED6-CD82CB884735}" = Moreba
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E5410F7-6FDF-412D-B3D5-9EC985F8FEF4}" = Generali Tarifierungen Gev
"{6E75A7A0-DA88-4F78-8068-2DE42ECBB91E}" = WebKIS Offline
"{6E9CFEF5-0245-411F-8587-CF83DF9D4B05}" = Microsoft SQL Server 2008 Database Engine Services
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142100}" = Java 2 Runtime Environment, SE v1.4.2_10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B29AA98-B40C-4D6B-A15B-B6A00D71F133}" = Abgeltungsteuer GEV
"{7EB65C13-CFDC-4312-97B7-92AFBFC2AA18}" = VHV Maklerverwaltungsprogramm
"{832BFF4E-B65C-4AF0-AA0E-52A64705C5F6}" = MAGIX Xtreme Grafik Designer 5
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8393592A-B977-489E-8C78-84E19DE9FE21}" = MAGIX 3D Maker (embedded MSI)
"{83B34C33-5337-4EA9-A886-04D63F486861}" = Stufenmodell GEV
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85530EE5-B265-4F84-BD2A-DE2BBBC990B7}" = Beratungsprogramme W&W-Konzern
"{859258F8-3F00-4335-BBD5-318F17369012}" = MAGIX Online Druck Service
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{891F6136-6540-495D-95D9-703DA7EDE3AD}" = SDK - Angebotsprogramm
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A6BB58D-82A9-4FC7-B65F-A4EA87A4C138}" = Microsoft Online Services-Anmeldeassistent
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CC68433-5837-4075-B81F-EA7E4F14CE60}" = iCloud
"{8D86B3AE-F744-4F97-ADDD-6B13345C62FF}_is1" = VorsorgePLANER
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-0137-0407-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EFC9E98-A218-4D83-BFC5-5E67E318767F}" = GEV Excelloesungen
"{A2397CA0-C472-46CC-83CD-EE54CE2A2117}" = Vera Kompas GEV
"{A31AB657-D929-4B80-A2B2-45E03902A3DD}" = InterRisk WinRisk 4.9.0
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC2E0432-9092-42F8-B4C2-E95DF8ADE82C}" = VHV-Tarifprogramm
"{AC2F9FCC-170E-4B0B-84AB-7307A373570F}" = RSA Smart Card Middleware 3.5
"{AC63EF8A-ABE1-79BB-F8B3-06C06BCA8B3C}" = HanseMerkur ISA Makler
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADA12202-A22B-445D-987F-D4CFADA12202}" = VIA-P
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B2023017-DEE4-44F7-8A71-CA6084BF534C}" = Brother P-touch Address Book 1.1
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B8381511-3832-4449-B33A-763931D2590B}" = BB-Euro-Tarifrechner
"{B8777FFC-165B-4DDE-B60B-AD5533D9EAD3}" = AquaSoft PhotoKalender 3
"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = Microsoft SQL Server 2008 Database Engine Services
"{BBF0B1C3-EEC1-4AA6-916B-126E895A46D8}" = Fujitsu NetCOBOL Free Run-time
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}" = Microsoft ReportViewer 2010 Redistributable
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C821456C-43B2-4A7E-B3E3-BB24DE58705A}" = MEAG-Angebotssoftware
"{C8320AEC-2E97-4C78-81EC-43CF6D248B01}" = Microsoft XML Parser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE7D48A0-CB2A-4293-8C41-68A116430BE9}" = AXA Beratungstechnologie
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D4F2AFD3-0167-4464-B92F-78AB6DA8A0AA}" = CardMinder
"{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}" = ScanSnap Manager
"{DE5CF410-90B1-4963-ABC3-C23289E52255}" = Angebots Msi
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2A69F09-B3A1-4E4B-AB8F-16B94981A67B}" = Geldgeschenke DruckShop
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E58F3B88-3B3E-4F85-9323-04789D979C15}" = ScanSnap Organizer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B43401-E818-4961-AFED-118DD8E87642}" = RAF
"{ED7BE5AA-4E2D-4030-95BA-6CCA4BFABB03}" = BEG-Rechner GEV
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFA462DC-DF28-49B4-A82B-D47D2A94AB1E}" = ELBE SL
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DA699A-5279-49F2-AC5C-1BA58B3CC613}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDC7BD51-0E41-4743-A843-41055F0BCB61}" = FIT GEV
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"{FF0F7090-18DC-43ED-8A3F-F04DBAEC5600}" = Beraterplatz GEV
"{FF460B05-3F84-4A44-886A-13DA143C7C26}" = ScanSnap Organizer
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"812A5AC8-50DA-43D8-B36E-30CDD7FCCAA1_is1" = Outlook Backup Assistant 5 (Vollversion)
"ABACUS" = ABACUS
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.20
"AquaSoft PhotoKalender 3" = AquaSoft PhotoKalender 3
"ASC Easy Updater_is1" = ASC Easy Update auf Version 4.5.0
"ASC Easy_is1" = ASC Easy 3.9.3
"CCleaner" = CCleaner
"CleverPrint_is1" = CleverPrint
"CodedColor_is1" = CodedColor FotoStudio 2010, 6.1.2
"CONDOR Angebotssystem" = CONDOR Angebotssystem
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"DB_Firebird 1.5.0.4306" = DB_Firebird 1.5.0.4306
"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de
"E38B2136962D21A7BDE5AAC98CD1C6EA6B6D0687" = Windows-Treiberpaket - Microsoft (USBCCID) SmartCardReader (05/17/2005 5.2.3790.2444)
"FinePix Genie_is1" = FUJIFILM MyFinePix Studio 2.0
"Generali Versicherungen Beratungssoftware" = Generali Versicherungen Beratungssoftware
"GEWA KVRATIO" = GEWA KVRATIO
"GEWA KV-Rational" = GEWA KV-Rational
"GSPDEINSTALL" = Gothaer Softwarepaket, komplette Deinstallation
"HanseMerkurISAMA" = HanseMerkur ISA Makler
"HanseMerkur-Tarife" = HanseMerkur-Tarife
"Hardcopy(C__Program Files_Hardcopy)" = Hardcopy (C:\Program Files\Hardcopy)
"HartlauerFotoService3_is1" = Direkt Foto System 3.x
"Helvetia Porta" = Helvetia Porta
"InstallShield_{150F9D4D-F555-41BB-AF49-D9DA8F53A82D}" = KUBUS light ERGO
"InstallShield_{B2023017-DEE4-44F7-8A71-CA6084BF534C}" = Brother P-touch Address Book 1.1
"InstallShield_{BBF0B1C3-EEC1-4AA6-916B-126E895A46D8}" = Fujitsu NetCOBOL Free Run-time
"InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"IrfanView" = IrfanView (remove only)
"Janitos Offline-Tarifrechner 3_is1" = Janitos Offline-Tarifrechner 3.2.4.0
"LAN-Fax Dienstprogramme" = LAN-Fax Dienstprogramme
"MAGIX_MSI_Fotos_auf_CD_DVD_9_dlx" = MAGIX Foto Premium 9
"MAGIX_MSI_XtremeGrafik5" = MAGIX Xtreme Grafik Designer 5
"MailStore Home_universal1" = MailStore Home 5.0.1.6919
"Maitre" = Maitre
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft CRM Client" = Microsoft Dynamics CRM 2011 für Microsoft Office Outlook
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MKVWin_XX-X_is1" = MKVWin 12-1
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"MUENCHENER VEREIN" = MÜNCHENER VEREIN Software-Service
"PhotoCleaner" = PhotoCleaner
"pixpedia-de_is1" = Pixpedia Publisher 3.1.1
"POLARIS" = POLARIS
"PROPLUS" = Microsoft Office Professional Plus 2007
"R:BASE 76 Runtime for VV" = Vereins-Verwaltung
"RV-Win" = RV-Win
"SIGNAL IDUNA Beratungssoftware externe Vertriebe" = SIGNAL IDUNA Beratungssoftware freie Vertriebe
"SQLAnywhere11" = SQLAnywhere11
"Swiss Life EVA" = Swiss Life EVA
"TeamViewer 7" = TeamViewer 7
"VIA-P 12.20" = VIA-P 12.20
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"YTdetect" = Yahoo! Detect
"ZonerPhotoStudio12_DE_is1" = Zoner Photo Studio 12
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"KS-Win 2008" = KS-Win 2008
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.08.2012 03:59:00 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 9000
Description =
Error - 03.08.2012 03:59:00 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 03.08.2012 03:59:00 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 03.08.2012 03:59:00 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 03.08.2012 03:59:00 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 03.08.2012 03:59:02 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 03.08.2012 03:59:02 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 03.08.2012 03:59:02 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 03.08.2012 03:59:02 | Computer Name = Haupt-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 07.08.2012 13:36:17 | Computer Name = Haupt-PC | Source = Application Hang | ID = 1002
Description = Programm OUTLOOK.EXE, Version 12.0.6661.5003 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1224 Startzeit: 01cd74c228e37cdd Endzeit: 15 Anwendungspfad:
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE Berichts-ID: 53acf146-e0b6-11e1-b540-002215263d69
Error - 08.08.2012 04:27:13 | Computer Name = Haupt-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16447 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 15b4 Startzeit: 01cd753f43653bdc Endzeit: 15 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID:
[ OSession Events ]
Error - 01.06.2011 05:33:16 | Computer Name = Haupt-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.
Error - 16.11.2011 12:47:14 | Computer Name = Haupt-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17972
seconds with 420 seconds of active time. This session ended with a crash.
Error - 08.12.2011 08:54:44 | Computer Name = Haupt-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5452
seconds with 60 seconds of active time. This session ended with a crash.
Error - 22.12.2011 12:11:12 | Computer Name = Haupt-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 426
seconds with 60 seconds of active time. This session ended with a crash.
Error - 06.06.2012 12:28:28 | Computer Name = Haupt-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1314
seconds with 360 seconds of active time. This session ended with a crash.
Error - 13.08.2012 05:49:46 | Computer Name = Haupt-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2772
seconds with 240 seconds of active time. This session ended with a crash.
Error - 07.09.2012 11:19:20 | Computer Name = Haupt-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 01.11.2012 22:02:14 | Computer Name = Haupt-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 01.11.2012 22:02:14 | Computer Name = Haupt-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 01.11.2012 22:03:41 | Computer Name = Haupt-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
KLIM6
Error - 01.11.2012 22:08:31 | Computer Name = Haupt-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error - 01.11.2012 22:14:17 | Computer Name = Haupt-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 01.11.2012 22:14:17 | Computer Name = Haupt-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 01.11.2012 22:15:25 | Computer Name = Haupt-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
KLIM6
Error - 01.11.2012 22:34:39 | Computer Name = Haupt-PC | Source = DCOM | ID = 10010
Description =
Error - 01.11.2012 22:34:44 | Computer Name = Haupt-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80080005 fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2731847)
Error - 01.11.2012 22:34:57 | Computer Name = Haupt-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Updaterollup 11 für Microsoft Dynamics CRM 2011
für Outlook (KB2739504)
< End of report >
|
| Themen zu Google Suchergebnisse - leitet beim Klick auf das Suchergebnis um |
| ad-aware, avp.exe, bho, defender, emsisoft, error, excel, firefox, flash player, google, home, homepage, iexplore.exe, install.exe, karte, kaspersky, nodrives, office 2007, plug-in, problem, registry, rundll, security, server, software, starten, storm, svchost.exe, symantec, taskhost.exe, tastatur, udp, windows |
Baum-Darstellung