| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Software.updater.ui.exe möchte an meinen LaptopWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
12.06.2013, 18:37
| #1 |
 |  Software.updater.ui.exe möchte an meinen Laptop Nach dem Systemstart (manchmal auch während dem normalen Surfen) möchte eine Datei Software.updater.Ui.exe Unbekannter Herausgeber auf meinen Laptop zugreifen. Evtl. ist es mir vor einigen Wochen auch passiert, daß ich versehentlich einmal dies zugelassen habe. Sonst verneine ich immer. Wenn ich alle Berichte hier so verfolgt habe, mache ich mir Sorgen, daß ich mir einen Trojaner o.ä. eingefangen haben könnte. Ich habe die ersten Schritte nach Eurer Anleitung durchgeführt. Anbei die Ergebnisse zu OTL und Extra. Das Programm GMER habe ich 2 x versucht und mir ist 2 x der Computer komplett gecrasht. Beim 1 x hieß die Windowsfehlermeldung PFN_LIST_CORRUPT, beim 2 x war es ein anderer Fehlerhinweis von Windows. Nach Neustart läuft aktuell alles wieder fehlerfrei. Könnt Ihr mir bitte helfen? OTL OTL logfile created on: 12.06.2013 18:20:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rainer\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,01% Memory free 6,20 Gb Paging File | 4,98 Gb Available in Paging File | 80,43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 286,37 Gb Total Space | 39,46 Gb Free Space | 13,78% Space Free | Partition Type: NTFS Drive D: | 298,09 Gb Total Space | 26,62 Gb Free Space | 8,93% Space Free | Partition Type: NTFS Computer Name: AMILO-LAPTOP | User Name: Rainer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.12 18:18:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rainer\Downloads\OTL.exe PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.05.06 12:39:03 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.04.02 18:43:22 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.04.02 18:43:10 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.04.02 18:43:08 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Programme\PDF24\pdf24.exe PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL3\KHALMNPR.exe PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2010.07.28 19:05:34 | 000,472,664 | ---- | M] (PacketVideo) -- C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe PRC - [2009.04.10 23:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.06.02 14:43:58 | 003,915,784 | ---- | M] () -- C:\Programme\RKS Fax\rksfax_control.exe PRC - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.09.20 16:32:50 | 000,561,152 | ---- | M] (C&E) -- C:\Programme\C&E\OSD\osd.exe PRC - [2007.05.10 17:10:06 | 004,468,736 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007.01.11 13:57:20 | 000,291,760 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqmon.exe PRC - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2006.12.05 09:36:10 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcqcoms.exe PRC - [2006.12.05 09:35:58 | 000,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Programme\Lexmark 9300 Series\ezprint.exe PRC - [2006.11.22 18:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe ========== Modules (No Company Name) ========== MOD - [2013.05.16 13:11:18 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll MOD - [2013.02.13 10:25:35 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dab997283369b95e0fc398cdb89d371c\System.Web.ni.dll MOD - [2013.01.10 12:49:15 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll MOD - [2013.01.10 08:50:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll MOD - [2013.01.10 08:49:25 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll MOD - [2013.01.10 08:48:27 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll MOD - [2013.01.10 08:47:18 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll MOD - [2013.01.10 08:47:09 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll MOD - [2012.10.11 22:56:46 | 000,087,952 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.10.11 22:56:22 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Programme\Logitech\SetPointP\Macros\MacroCore.dll MOD - [2009.03.29 21:42:14 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.03.29 21:42:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2008.06.02 14:43:58 | 003,915,784 | ---- | M] () -- C:\Programme\RKS Fax\rksfax_control.exe MOD - [2008.05.07 18:33:46 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2895.26476__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l MOD - [2008.05.07 18:33:46 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2895.26689__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2008.05.07 18:33:46 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2895.26666__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2008.05.07 18:33:46 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2895.26436__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2008.05.07 18:33:46 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2895.26488__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2008.05.07 18:33:46 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2895.26659__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2008.05.07 18:33:46 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2895.26623__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2008.05.07 18:33:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2895.26467__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2008.05.07 18:33:46 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2895.26582__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l MOD - [2008.05.07 18:33:46 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2895.26455__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll MOD - [2008.05.07 18:33:39 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2895.26631__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:39 | 000,192,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.1.0__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll MOD - [2008.05.07 18:33:39 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2895.26695__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:39 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2895.26638__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2008.05.07 18:33:39 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2895.26448__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:39 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2895.26713__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2008.05.07 18:33:39 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2895.26712__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2008.05.07 18:33:39 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2895.26713__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2008.05.07 18:33:38 | 000,794,624 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2895.26590__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:38 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2895.26501__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll MOD - [2008.05.07 18:33:38 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2895.26456__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll MOD - [2008.05.07 18:33:38 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2895.26651__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2008.05.07 18:33:38 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2895.26495__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:38 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2895.26688__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard. dll MOD - [2008.05.07 18:33:38 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2895.26603__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll MOD - [2008.05.07 18:33:38 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2895.26589__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2008.05.07 18:33:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2895.26631__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2008.05.07 18:33:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2895.26687__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2008.05.07 18:33:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2895.26603__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll MOD - [2008.05.07 18:33:37 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2895.26661__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:37 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2895.26584__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:37 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2895.26616__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:37 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2895.26577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2008.05.07 18:33:37 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2895.26507__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2008.05.07 18:33:37 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2858.39394__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2008.05.07 18:33:37 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2895.26582__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2008.05.07 18:33:37 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2858.39381__90ba9c70f846762e\CLI.Foundation.dll MOD - [2008.05.07 18:33:37 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2858.39421__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2008.05.07 18:33:37 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2008.05.07 18:33:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2858.39454__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2008.05.07 18:33:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2895.26506__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll MOD - [2008.05.07 18:33:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2895.26589__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2008.05.07 18:33:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2858.39378__90ba9c70f846762e\LOG.Foundation.dll MOD - [2008.05.07 18:33:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2895.26615__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2008.05.07 18:33:37 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2858.39490__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2008.05.07 18:33:37 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2858.39384__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2008.05.07 18:33:37 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2858.39453__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2858.39448__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2858.39397__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2858.39396__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2858.39386__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2858.39392__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2858.39389__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2858.39411__90ba9c70f846762e\MOM.Foundation.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2858.39449__90ba9c70f846762e\DEM.OS.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2858.39447__90ba9c70f846762e\DEM.Graphics.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2858.39392__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2858.39425__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2858.39446__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2858.39450__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2858.39398__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2858.39451__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2008.05.07 18:33:37 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2008.05.07 18:33:36 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2858.39457__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2858.39415__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2868.26817__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2858.39414__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2858.39420__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2858.39399__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2858.39423__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l MOD - [2008.05.07 18:33:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2858.39445__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2858.39418__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2858.39412__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2858.39379__90ba9c70f846762e\AEM.Foundation.dll MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2008.05.07 18:33:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2858.39445__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l MOD - [2008.05.07 18:33:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2858.39410__90ba9c70f846762e\APM.Foundation.dll MOD - [2008.05.07 18:33:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2858.39391__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2008.05.07 18:33:34 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2895.26673_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2008.05.07 18:33:33 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2895.26443__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2008.05.07 18:33:33 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2895.26462__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2008.05.07 18:33:33 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2895.26673__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2008.05.07 18:33:33 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2895.26680__90ba9c70f846762e\MOM.Implementation.dll MOD - [2008.05.07 18:33:33 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2895.26429__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2008.05.07 18:33:33 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2895.26430__90ba9c70f846762e\ATIDEMOS.dll MOD - [2008.05.07 18:33:33 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2895.26679__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2008.05.07 18:33:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2895.26429__90ba9c70f846762e\APM.Server.dll MOD - [2008.05.07 18:33:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2895.26428__90ba9c70f846762e\AEM.Server.dll MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2858.39387__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2858.39400__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2858.39393__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2895.26704__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2008.05.07 18:33:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2858.39389__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2008.05.07 18:33:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2895.26680__90ba9c70f846762e\CCC.Implementation.dll MOD - [2008.05.07 18:33:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2008.05.07 18:33:33 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2858.39398__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2008.05.07 18:33:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2858.39411__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2008.05.07 18:33:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2858.39398__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2008.05.07 18:33:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2858.39426__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2008.05.07 18:33:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2858.39384__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2008.05.07 18:33:33 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2895.26714__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2008.05.07 18:33:33 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2895.26428__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2007.12.04 22:56:42 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2007.01.11 13:57:20 | 000,291,760 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqmon.exe MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56ita.dll MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56esp.dll MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56brz.dll MOD - [2006.11.22 18:31:30 | 000,053,248 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56kor.dll MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56ger.dll MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56fra.dll MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56dnk.dll MOD - [2006.11.22 18:31:28 | 000,057,344 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56jpn.dll MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56cht.dll MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56chs.dll MOD - [2006.10.23 13:51:08 | 000,278,528 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqscw.dll MOD - [2006.06.09 01:39:22 | 000,143,360 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqdrec.dll MOD - [2006.05.25 15:20:44 | 000,241,664 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\iptk.dll MOD - [2004.09.08 13:45:58 | 000,368,128 | ---- | M] () -- C:\Programme\Filzip\fzshext.dll ========== Services (SafeList) ========== SRV - [2013.05.26 22:20:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.05.10 07:40:21 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Programme\SoftwareUpdater\SystemStore.exe -- (SystemStoreService) SRV - [2013.04.02 18:43:22 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.04.02 18:43:08 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.07.28 19:05:34 | 000,472,664 | ---- | M] (PacketVideo) [Auto | Running] -- C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe -- (TwonkyMedia) SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2007.09.03 17:01:50 | 000,053,248 | ---- | M] () [Auto | Stopped] -- C:\Programme\C&E\OSD\OsdService\OsdService.exe -- (OsdService) SRV - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) SRV - [2006.12.05 09:36:10 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcqcoms.exe -- (lxcq_device) SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\PalmUSBD.sys -- (PalmUSBD) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2013.04.02 18:43:25 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.04.02 18:43:25 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.04.02 18:43:25 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.08.27 16:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2011.11.16 19:17:48 | 000,144,384 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\System32\drivers\uigxrdr.SYS -- (uigxrdr) DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2011.08.29 16:40:13 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd) DRV - [2011.02.16 18:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2011.01.24 17:34:02 | 000,082,688 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SD11CL32.sys -- (SD11CL32) DRV - [2011.01.24 17:21:02 | 000,065,408 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SDI01132.sys -- (SDI01132) DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5) DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4) DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3) DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2) DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1) DRV - [2010.07.28 10:19:28 | 000,058,112 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabser.sys -- (silabser) DRV - [2010.07.28 10:19:28 | 000,047,176 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabenm.sys -- (silabenm) DRV - [2009.02.05 18:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter) DRV - [2009.02.05 18:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiRemFil.sys -- (SiRemFil) DRV - [2009.02.05 18:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Si3531.sys -- (Si3531) DRV - [2008.09.26 20:06:24 | 000,129,824 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM) DRV - [2008.09.26 20:06:24 | 000,032,048 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus) DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.05.26 12:55:31 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc) DRV - [2007.12.04 23:08:12 | 003,351,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2007.09.26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) DRV - [2007.09.04 16:20:00 | 000,005,120 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Programme\C&E\OSD\OsdService\cebuffer.sys -- (CEBFilter) DRV - [2007.08.31 16:18:06 | 000,004,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Programme\C&E\OSD\OsdService\ceio.sys -- (CEIO) DRV - [2007.08.31 14:22:26 | 000,007,168 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Programme\C&E\OSD\OsdService\kbfiltr.sys -- (cKBFilter) DRV - [2007.07.02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32) DRV - [2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2007.06.18 15:10:42 | 000,373,568 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv09.sys -- (acedrv09) DRV - [2007.06.13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID) DRV - [2007.06.01 17:10:38 | 000,753,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonCam.sys -- (Cam5603D) DRV - [2007.05.30 18:54:22 | 000,201,696 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp09.sys -- (acehlp09) DRV - [2007.04.30 14:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007.04.04 05:57:00 | 000,046,592 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2006.11.22 18:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2002.03.19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://spiegel.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=GLSV5&o=10168&src=crm&q={searchTerms}&locale=de_DE IE - HKCU\..\SearchScopes\{4FA812D6-4D6B-403E-8EFD-03EBDAAE6D5E}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJC_de IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=FXT IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: nosquint%40urandom.ca:2.1.9 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..network.proxy.ftp: "178.33.105.59" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.http: "178.33.105.59" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "178.33.105.59" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "178.33.105.59" FF - prefs.js..network.proxy.ssl_port: 3128 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rainer\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rainer\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.05 10:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Extensions [2013.05.03 09:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\3xug5btu.default\extensions [2013.05.03 09:06:13 | 000,114,250 | ---- | M] () (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\firefox\profiles\3xug5btu.default\extensions\nosquint@urandom.ca.xpi [2013.05.26 22:20:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.26 22:20:04 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google  riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParam eter}, CHR - homepage: https://www.google.de/webhp?source=search_app CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Rainer\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Rainer\AppData\Local\Google\Chrome\Application\27.0.1453.110\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rainer\AppData\Local\Google\Chrome\Application\27.0.1453.110\gcswf32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Angry Birds = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (AusweisApp 1.8.0.0) - {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} - C:\Programme\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 9300 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [LXCQCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCQtime.DLL (Lexmark International Inc.) O4 - HKLM..\Run: [lxcqmon.exe] C:\Program Files\Lexmark 9300 Series\lxcqmon.exe () O4 - HKLM..\Run: [OSD] C:\Programme\C&E\OSD\osd.exe (C&E) O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [recinfo742] c:\RecInfo\RecInfo.exe () O4 - HKLM..\Run: [RKS Fax Print Controller] C:\Program Files\RKS Fax\rksfax_control.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {BB608966-BC14-4875-9F63-853E5851A2B6} hxxp://download.microsoft.com/download/0/4/C/04CF1236-3181-4F87-8382-B56CCA6C15CF/pmupd806.exe (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E4D4F64-FD95-4731-AC09-CA93409E6231}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{722A890F-3357-4D8C-AE02-1C0390103954}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACC1DE24-9C8A-425E-8DAF-19BAF870A1A1}: NameServer = 195.50.140.178 195.50.140.252 O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\2013 05 22 14 01 06 Bibione.JPG O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\2013 05 22 14 01 06 Bibione.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.06.07 21:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.06.07 19:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2013.05.24 12:34:30 | 000,000,000 | ---D | C] -- C:\Users\Rainer\Documents\PC Tipps [2013.05.23 10:17:49 | 000,000,000 | ---D | C] -- C:\Users\Rainer\Documents\WiWo [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Users\Rainer\*.tmp files -> C:\Users\Rainer\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.12 18:24:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{98615E68-E061-4150-859F-1819AC633BEB}.job [2013.06.12 18:16:36 | 000,000,000 | ---- | M] () -- C:\Users\Rainer\defogger_reenable [2013.06.12 17:47:40 | 000,632,242 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.12 17:47:40 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.12 17:47:40 | 000,127,278 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.12 17:47:40 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.06.12 17:44:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449479715-2319816545-2623231108-1000UA.job [2013.06.12 17:44:02 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449479715-2319816545-2623231108-1000Core.job [2013.06.12 17:36:43 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.12 17:35:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.12 17:34:36 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.12 17:34:35 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.12 17:34:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.12 17:32:57 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013.06.12 08:33:37 | 000,076,521 | ---- | M] () -- C:\Users\Rainer\Documents\Adressliste.CSV [2013.06.12 08:33:36 | 000,038,434 | ---- | M] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2013.06.11 14:01:26 | 000,046,446 | ---- | M] () -- C:\Users\Rainer\Documents\Paswörter.kdbx [2013.06.10 06:17:09 | 000,007,052 | ---- | M] () -- C:\Users\Rainer\AppData\Local\d3d9caps.dat [2013.06.07 21:16:13 | 000,000,041 | ---- | M] () -- C:\Windows\Filzip.ini [2013.06.04 11:16:45 | 000,002,533 | ---- | M] () -- C:\Users\Rainer\Documents\Schufa.htm [2013.05.24 14:48:42 | 000,095,744 | ---- | M] () -- C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.05.16 13:05:52 | 000,467,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Users\Rainer\*.tmp files -> C:\Users\Rainer\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.12 18:16:36 | 000,000,000 | ---- | C] () -- C:\Users\Rainer\defogger_reenable [2013.06.12 08:33:29 | 000,076,521 | ---- | C] () -- C:\Users\Rainer\Documents\Adressliste.CSV [2013.06.07 19:27:44 | 000,001,690 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013.06.04 11:16:45 | 000,002,533 | ---- | C] () -- C:\Users\Rainer\Documents\Schufa.htm [2012.12.02 13:41:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.10.16 08:44:49 | 000,004,096 | -H-- | C] () -- C:\Users\Rainer\AppData\Local\keyfile3.drm [2011.12.24 12:59:16 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2011.08.28 17:49:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.08.28 17:47:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.08.28 17:47:30 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010.12.04 16:37:53 | 000,019,456 | ---- | C] () -- C:\Users\Rainer\AppData\Local\WebpageIcons.db [2010.04.05 15:02:56 | 000,007,052 | ---- | C] () -- C:\Users\Rainer\AppData\Local\d3d9caps.dat [2009.12.11 10:08:16 | 000,000,048 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\tigersetting.dll [2009.12.11 09:42:43 | 000,000,701 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\init.dll [2009.12.11 09:42:43 | 000,000,006 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\SYSTEM32.dll [2009.12.11 09:42:32 | 000,000,701 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\sound.dll [2009.09.04 16:27:50 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.06.28 13:18:45 | 018,042,880 | ---- | C] () -- C:\Users\Rainer\AppData\Local\filesync.metadata [2009.06.12 15:19:19 | 000,001,542 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\wklnhst.dat [2008.08.07 17:23:20 | 000,024,206 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\UserTile.png [2008.07.23 12:09:52 | 000,038,430 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (DOS).ADR [2008.07.17 11:54:19 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv [2008.06.30 13:32:50 | 000,678,044 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\mdbu.bin [2008.06.04 21:37:21 | 000,025,453 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\mdb.bin [2008.06.04 16:07:41 | 000,012,947 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Microsoft Excel.CAL [2008.05.23 09:46:00 | 000,022,036 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Microsoft Excel.ADR [2008.05.23 09:42:10 | 000,038,434 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2008.05.23 09:40:51 | 000,012,965 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (Windows).CAL [2008.05.22 20:25:55 | 000,004,145 | ---- | C] () -- C:\ProgramData\powjnvfp.pmy [2008.05.22 12:24:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.05.21 14:24:06 | 000,095,744 | ---- | C] () -- C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2008.05.26 12:59:09 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ACD Systems [2011.02.01 14:40:28 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Amazon [2009.12.23 14:01:32 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Ancient Quest of Saqqarah__intenium [2012.12.20 10:27:51 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Ashampoo [2010.03.21 23:57:59 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\BOM [2010.11.20 15:05:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Canneverbe Limited [2010.11.21 15:37:10 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\DeepBurner [2011.06.05 17:16:36 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\dp3d [2013.01.15 13:32:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\EAC [2010.02.12 19:25:31 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\eXPert PDF 6 [2010.03.09 14:36:50 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Facebook [2009.12.19 16:06:34 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FarmingSimulator2008 [2013.05.16 11:01:11 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\foobar2000 [2010.02.12 18:49:09 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Foxit [2009.01.22 11:08:15 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FTD [2009.12.21 10:15:50 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\GetRightToGo [2009.11.13 16:12:07 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\GlarySoft [2009.09.04 16:13:03 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\GMX [2010.11.05 20:02:06 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Gutscheinmieze [2008.06.04 14:22:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\HotSync [2013.06.11 14:23:14 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\KeePass [2008.05.22 11:05:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\KeyPass [2008.06.04 14:28:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Leadertech [2010.12.16 11:50:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\MAGIX [2009.11.13 16:10:49 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\MP3Find [2013.06.11 15:24:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Mp3tag [2008.06.14 20:20:23 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nikon [2011.08.27 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nokia [2011.08.27 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nokia Ovi Suite [2010.11.06 12:15:24 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\OpenOffice.org [2013.04.20 15:45:08 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Oracle [2009.07.09 17:02:06 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\PC Suite [2008.08.07 17:23:19 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\PeerNetworking [2011.11.06 20:28:34 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\PersBackup5 [2011.03.13 18:58:18 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\RavensburgerTipToi [2008.05.21 17:34:48 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\TeamViewer [2010.02.18 18:58:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Template [2008.11.20 19:11:14 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\TuxPaint [2010.03.19 16:12:04 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Uniblue [2008.05.25 09:59:58 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\XCPCSync.OEM [2011.09.14 21:08:18 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\XMedia Recode [2009.12.11 09:44:46 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\YCanPDF ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:8FF81EB0 < End of report > EXTRAS OTL Extras logfile created on: 12.06.2013 18:20:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rainer\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,01% Memory free 6,20 Gb Paging File | 4,98 Gb Available in Paging File | 80,43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 286,37 Gb Total Space | 39,46 Gb Free Space | 13,78% Space Free | Partition Type: NTFS Drive D: | 298,09 Gb Total Space | 26,62 Gb Free Space | 8,93% Space Free | Partition Type: NTFS Computer Name: AMILO-LAPTOP | User Name: Rainer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12C04B56-FC33-40B1-887F-9053DAF9773C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{212D6A2B-F22D-4773-9E89-805FC35C9598}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2BFE05C8-F25F-44EB-9672-4E04CB578B3E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{470A039A-833E-4309-825A-EDA01F516E5F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4C5D5528-8870-4F76-93C9-B9252B991A7F}" = lport=2869 | protocol=6 | dir=in | app=system | "{704D969B-3787-47A7-A394-3857FBD49B13}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{7596385E-AE85-4D8F-AC9E-F82718504B00}" = lport=10243 | protocol=6 | dir=in | app=system | "{7C730BD8-ADDA-4FA3-9950-33D44542355C}" = rport=10243 | protocol=6 | dir=out | app=system | "{86676C27-4E31-48DC-8860-345DA25404F6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BC2C98E0-3D91-41E2-9078-216820AC1708}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E574FB85-BB04-4FE9-AF00-FF0872D10432}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04E4EF70-5F3B-45B3-B298-3C9B415912F6}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymedia.exe | "{08DB0A56-7B98-49FB-AEF2-69BC9716CC90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0D987FAA-A8A8-4B4C-AFD9-A25C889AA32C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{1D672ABD-8076-49B0-B548-091D71491761}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2441628A-80F9-465D-B9F0-0652460F114C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{26B1C1D9-AE16-4562-B773-C42DAC6DCC86}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | "{44754781-2D46-4757-8CFE-CA46326D474B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5764EFDA-EAA1-44FE-9264-E515D46D50DA}" = protocol=6 | dir=in | app=c:\windows\system32\lxcqcoms.exe | "{59CA9FB1-BFC4-463A-B3BE-94B1DF6D651E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{63A132C1-E750-43CA-849E-B93F786A5069}" = dir=in | app=c:\program files\itunes\itunes.exe | "{640BA681-86BD-4F41-BD92-772B812397C7}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | "{6546BB09-15FA-49AE-A424-404ED5EAA3D0}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe | "{82E1842E-07F6-417F-BBD6-D4D15432D084}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{88375265-EB78-44C3-B109-925E131561AE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8AD110F2-79E4-4A10-946A-EAB7894DB63D}" = protocol=6 | dir=out | app=system | "{8BB65E38-0C44-465C-A6A6-B5053E4DFB25}" = protocol=17 | dir=in | app=c:\windows\system32\lxcqcoms.exe | "{9A9BCDBB-178E-4BEF-BABF-7951477FD87E}" = protocol=17 | dir=in | app=c:\windows\system32\lxcqcoms.exe | "{AB95168B-DC4A-4E34-87E1-D96127C26842}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AE396D1D-3C80-48DD-B40B-EEEB3F509955}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | "{B2642678-2334-4ECB-944A-A1236E0063D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B49DC05C-B60A-4B46-B542-A8FE7024CAAD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B71E9097-ECC7-42D5-AA84-304D82CB2173}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B73EFC94-0559-4E7D-A92B-AACB21CC8F6A}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe | "{C159A3B9-F9BB-4777-A7D9-D30CAC2E3652}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C61031C2-64B6-4345-BCD0-D1AB18000472}" = protocol=6 | dir=in | app=c:\windows\system32\lxcqcoms.exe | "{C9ACF5CB-A6DB-4B85-9816-203BEFFE4BCA}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymedia.exe | "{DE60DEC8-EFAA-4738-919A-4F321D031E62}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | "{DEA77B5B-303E-4BA3-9221-F60BFE3EFBD2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{FDB8882A-CE64-4607-AF83-67274D48C18C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FE06B2C0-1C50-4752-AA18-12772A5EE37B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{0E6F812F-73DE-4D4E-8952-72AB7A741E3E}C:\users\rainer\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\rainer\appdata\local\google\chrome\application\chrome.exe | "TCP Query User{2D36A106-C649-4F65-B99D-D9621C0A3D2F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{3D59FE12-2598-4433-8380-721586A1E5FF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{4C68D8BD-6D05-4BE2-954E-3D407B64AC98}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{9BD4415A-E09B-43B1-9AE6-9758F6EEDA3A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{B1733EC6-CF72-440F-805D-7EC61D7A73EA}C:\program files\twonkymedia\twonkymediaserver.exe" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | "UDP Query User{10DBC3EA-7E62-4F97-90F6-1856F1BC6AE5}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{2222DC57-358C-47AD-8E0B-5AB19C9F3058}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{2C2D02EC-0C4E-4889-A5DD-6B2C678D719D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{53CFFD83-FCBC-48E1-BCAD-D6C58E9DDBC5}C:\users\rainer\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\rainer\appdata\local\google\chrome\application\chrome.exe | "UDP Query User{C8CC2D8A-76D2-44DC-A0DE-45D20AC72263}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{E9690183-3B4B-499E-A6EF-F244FC192E08}C:\program files\twonkymedia\twonkymediaserver.exe" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86) "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{05742219-6EDB-229B-925C-45434EB327B8}" = Catalyst Control Center Localization Japanese "{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver "{07BA8628-85A9-9A2C-2B3A-60682FD7F663}" = Catalyst Control Center Localization German "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{245109BB-1FF9-DEB6-4A6E-FEF022A098EC}" = CCC Help German "{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver "{2FE63165-6D35-0F90-1147-7FF4BEFA373A}" = CCC Help Portuguese "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{35EBAC05-5A13-085B-86F9-7AEA83576999}" = Catalyst Control Center Localization Spanish "{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}" = Joe "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth "{4864C602-6ED6-8BB6-A423-6037A1D5CAB3}" = Catalyst Control Center Localization Chinese Standard "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = WebCam "{4BE0F5DC-1936-4774-DCAE-23A092D2DBED}" = CCC Help Italian "{4F8697F4-3D30-4BD0-8F26-455C01F4EE8B}" = Integrity Tool "{50EC1829-2F5B-68D3-EA04-159F4EFE2B71}" = CCC Help Dutch "{579784C5-0C5C-39A7-C577-8F2D5CEE97E8}" = Skins "{579DCEAB-A977-7B56-6701-82766CDADEFB}" = Catalyst Control Center Graphics Full New "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69ECC898-2C9B-3138-6496-ADF8A0A17D04}" = Catalyst Control Center Graphics Previews Vista "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6C6A0CAE-731C-495D-DCA1-002F3FF38C23}" = CCC Help Spanish "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7D6137CE-AA7F-3097-F043-A0FA6569A679}" = Catalyst Control Center Localization Chinese Traditional "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86250F83-AF3E-0A78-3240-BEBEFBE0F14C}" = Catalyst Control Center Localization Korean "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E014610-ED01-5E15-8114-4581F46395A9}" = Catalyst Control Center Graphics Light "{8F97A88E-7135-A629-A838-4EF3E8F94F60}" = CCC Help English "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.5 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13 "{973E7604-4861-3C13-4D93-8B2182C6A964}" = CCC Help Japanese "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge "{9B050CDA-7803-7989-905D-BCB7CDFC523C}" = CCC Help Swedish "{9B49DB13-5F0F-2A7E-C0EC-16F1B432DCC6}" = Catalyst Control Center Graphics Full Existing "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E34E568-EE5B-8A11-CE05-446A0B404886}" = Catalyst Control Center Localization Portuguese "{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86) "{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86) "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AD1F90F1-98FD-5AD5-9075-A474154B970B}" = ccc-utility "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B116E95E-01B1-420A-AECB-B2B330B9BD97}" = Polar Precision Performance SW "{B7515BC5-D109-006A-BC58-C8D58C4F49B7}" = CCC Help Korean "{C07A4CD1-DB39-C7FB-ADD4-EDE9864C4B78}" = Catalyst Control Center Core Implementation "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{CB01ED55-1879-6D0D-7A02-E39B3CAEFF8D}" = CCC Help French "{CB7600E5-E524-11D6-9218-00D0B70768DA}" = piasync "{CB7A367B-8CDD-A2AA-E806-79D1DE611159}" = CCC Help Chinese Standard "{CC795547-983F-D95B-5BB0-3BA544EBD97C}" = Catalyst Control Center Localization French "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite "{D0ED9100-DFFB-482C-8DB6-C626264757BD}" = SDI011 dual interface reader "{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5E08D30-3AEE-822C-A4F9-1255E61DDB97}" = CCC Help Chinese Traditional "{D5E409E8-3AF3-4B19-A291-E27AECC905B3}" = Janosch Vorschule Englisch "{DC9A378D-FA0F-140F-8FD8-C8D2951DED04}" = ccc-core-static "{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B4DFB8-3D06-9767-0F3C-4F3023662752}" = Catalyst Control Center Localization Italian "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support "{E441D229-FBD9-6632-579F-EB618D4F9ED6}" = Catalyst Control Center Localization Swedish "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E53270E8-C27B-2C21-3819-C0FA52EFDA87}" = Catalyst Control Center Localization Dutch "{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}" = Google Earth Plug-in "{EB863CFD-6889-47B0-9D79-492DE0D07EE7}" = OSDInstall "{EE56DCD1-13FD-435B-BC4C-EE8CD83FF17A}" = AusweisApp "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "Album Art Downloader XUI" = Album Art Downloader XUI 0.45 "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17 "Audiograbber" = Audiograbber 1.83 SE "Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "Bengal (VOLLVERSION)" = Bengal (VOLLVERSION) "CCleaner" = CCleaner "ClocX" = ClocX (1.4) "Dream Pinball 3D Demo" = Dream Pinball 3D Demo "DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER "Duden Deutsch 3_is1" = Duden Deutsch 3 "Duden Langenscheidt Englisch 3_is1" = Duden Langenscheidt Englisch 3 "Duden Mathematik 3_is1" = Duden Mathematik 3 "E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60 "Exact Audio Copy" = Exact Audio Copy 1.0beta3 "FastStone Capture" = FastStone Capture 5.3 "Filzip 3.0.6.93_is1" = Filzip 3.06 "foobar2000" = foobar2000 v1.2.2 "FormatFactory" = FormatFactory 3.0.1 "GMX Upload-Manager" = GMX Upload-Manager "KeePassPasswordSafe2_is1" = KeePass Password Safe 2.14 "Leseabenteuer_is1" = Toggolino - Leseabenteuer "Lexmark 9300 Series" = Lexmark 9300 Series "Lidl-Fotos_is1" = Lidl-Fotos "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mp3tag" = Mp3tag v2.49a "Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only) "Nokia PC Suite" = Nokia PC Suite "pdfsam" = pdfsam "Picasa 3" = Picasa 3 "ProtectDisc Driver" = ProtectDisc Helper Driver "Ravensburger tiptoi" = Ravensburger tiptoi "RKSFaxVersion1_is1" = RKS Fax "s25atonce_is1" = s25atonce 3.6.9 "SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) "SMSERIAL" = Motorola SM56 Data Fax Modem "sp6" = Logitech SetPoint 6.32 "SpO2_is1" = SpO2 V1.2 "TwInbox" = TwInbox (remove only) "TwonkyMediaTwonkyMedia" = TwonkyMedia "TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia "VLC media player" = VLC media player 2.0.6 "WinLiveSuite" = Windows Live Essentials "WMV9_VCM" = Microsoft Windows Media Video 9 VCM "Zattoo4" = Zattoo4 4.0.5 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 10.06.2013 09:19:40 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2215 Error - 10.06.2013 15:05:37 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 10.06.2013 15:05:37 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1513 Error - 10.06.2013 15:05:37 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1513 Error - 12.06.2013 11:07:53 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 12.06.2013 11:07:54 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 12.06.2013 11:16:48 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 12.06.2013 11:16:48 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 12.06.2013 11:45:22 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 12.06.2013 11:45:27 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = [ System Events ] Error - 09.06.2013 07:06:03 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003 Description = Error - 10.06.2013 08:29:01 | Computer Name = Amilo-Laptop | Source = Print | ID = 6161 Description = Das Dokument Lufu Gesamttabelle.xls im Besitz von Rainer konnte nicht auf dem Drucker Lexmark 9300 Series gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: LEMF. Größe der Spooldatei in Bytes: 1576684. Anzahl der gedruckten Bytes: 1576684. Gesamtanzahl der Seiten des Dokuments: 2. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\AMILO-LAPTOP. Vom Druckprozessor zurückgegebener Win32-Fehlercode: 0. Der Vorgang wurde erfolgreich beendet. Error - 10.06.2013 11:38:38 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003 Description = Error - 11.06.2013 03:55:23 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003 Description = Error - 11.06.2013 03:58:23 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003 Description = Error - 11.06.2013 09:47:03 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003 Description = Error - 12.06.2013 11:29:45 | Computer Name = Amilo-Laptop | Source = DCOM | ID = 10010 Description = Error - 12.06.2013 11:36:21 | Computer Name = Amilo-Laptop | Source = Service Control Manager | ID = 7009 Description = Error - 12.06.2013 11:36:21 | Computer Name = Amilo-Laptop | Source = Service Control Manager | ID = 7000 Description = Error - 12.06.2013 11:36:31 | Computer Name = Amilo-Laptop | Source = Service Control Manager | ID = 7034 Description = < End of report > |
| Themen zu Software.updater.ui.exe möchte an meinen Laptop |
| antivir, audiograbber, avira, bho, bonjour, browser, computer, desktop, error, excel, expert pdf, firefox, flash player, helper, home, homepage, iexplore.exe, install.exe, logfile, plug-in, programm, realtek, registry, scan, security, software.updater.ui.exe, softwareupdater, starten, svchost.exe, trojaner, vista |
Baum-Darstellung