Vielen Dank für die Hilfe bis hier! Hier sind die Logfiles:
MWB: Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.13.07
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Markus :: MARKUS-PC [Administrator]
14.08.2012 00:58:11
mbam-log-2012-08-14 (00-58-11).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 453442
Laufzeit: 10 Stunde(n), 4 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 9
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{17FB29FF-8B42-4F1B-9708-2874BF94B03D}-refog_setup_kl_641.exe (PUP.Keylogger) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{3833E32A-A849-4F66-956D-88E6C9780130}-refog_setup_kl_641.exe (PUP.Keylogger) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{89EE3757-5190-4AB3-A7A3-C0185659D036}-refog_setup_kl_641.exe (PUP.Keylogger) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{D96933AF-F72F-4020-9434-25DD73E5D6F6}-refog_setup_kl_641.exe (PUP.Keylogger) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\{41ab0301-c869-6c13-ffc8-e661c2448e70}\U\00000001.@ (RootKit.0Access.H) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Downloads\SoftonicDownloader_fuer_der-einrichtungsplaner.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Downloads\SoftonicDownloader_fuer_driving-speed-2.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\drivers\str.sys (Rootkit.Agent) -> Löschen bei Neustart.
C:\Windows\SysWOW64\drivers\str.sys (Rootkit.Agent) -> Löschen bei Neustart.
(Ende)
OTL extras.txt Code:
OTL Extras logfile created on: 14.08.2012 11:39:22 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Markus\AppData\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,93 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 49,08% Memory free
7,86 Gb Paging File | 5,43 Gb Available in Paging File | 69,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69,10 Gb Total Space | 7,55 Gb Free Space | 10,93% Space Free | Partition Type: NTFS
Drive D: | 68,13 Gb Total Space | 2,95 Gb Free Space | 4,33% Space Free | Partition Type: NTFS
Computer Name: MARKUS-PC | User Name: Markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2707230796-2936079349-1780800176-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" "%1"
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" /NEXT "%1"
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" /ADD "%1"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" "%1"
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" /NEXT "%1"
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" /ADD "%1"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2CF025A4-321E-C776-B04C-3AC66DC50907}" = ATI AVIVO64 Codecs
"{4968C926-8496-9FC1-13A8-4AC1FE8B5B46}" = ATI Catalyst Install Manager
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{57019733-78E6-43DE-8E6D-55349F0FDE6F}" = inSSIDer 2.0
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B26B41EB-32E0-2680-D524-2558541933DD}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd
"{D617DF82-6046-44EB-AD4A-D3423319E12C}" = Geosense for Windows
"{E65099C4-9110-4C31-BD03-5C17EFB5FE92}" = HP LaserJet Professional M1210 MFP Series Fax Installer
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1)
"3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"CCleaner" = CCleaner
"CyberGhost VPN_is1" = CyberGhost VPN
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{086CF780-DA3F-6757-D834-C84BC58A87D1}" = CCC Help English
"{0AC84F2E-640B-FB92-779A-D6FFACBB7CE5}" = CCC Help French
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14F3F3DD-E409-4043-B4BF-1D0C3C17A1AA}" = StarMoney
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A95E365-9CF8-0391-661B-F4C2AF7F34FB}" = CCC Help Czech
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26539C2E-B21D-4A95-930B-8FE9BE0401E5}" = StarMoney 7.0
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{28938B7C-B11B-49BD-84E4-44C8416D4C07}" = Mobilink Lite
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{3060CA42-22A3-4B68-887F-2443D9CEF6D1}" = StarMoney 6.0
"{31CA28D1-CAE0-48EF-BFFF-BA9C81BA055A}" = StarMoney
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding
"{34D9F830-3A03-7F79-251B-C15B002633E1}" = Catalyst Control Center Graphics Light
"{34DBCB78-C244-0AD0-3D8F-F272067C79FA}" = CCC Help Greek
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40184457-4514-4B18-84A8-6BB8A3AB6A81}" = AirPort
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{42A2ED4D-332B-11C1-251D-3EB716781621}" = CCC Help Chinese Traditional
"{49AB94D9-8FBB-5B8C-9F2E-AF4460D19CD9}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EF669B9-BA18-D426-24B0-841D19B7FBF3}" = Catalyst Control Center Graphics Full Existing
"{5118AC20-6A87-01CD-B036-10E11FA663B6}" = CCC Help German
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{533A30F7-C3CE-4409-BDA1-DFAE1DA817DF}" = StarMoney 8.0
"{54A32A13-E55D-00E3-A4CF-D91752D95447}" = Catalyst Control Center Core Implementation
"{59A443A7-FFBF-41F1-B033-51D7B9A4AF5C}" = Mobile Broadband Generic Drivers
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60CBBC35-75D4-D0E8-8B6A-000E6F9957F1}" = CCC Help Spanish
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7453E7D0-AA0D-E702-ACBE-FE60D94D5CFF}" = CCC Help Swedish
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B62C240-5658-4803-84E2-59674838788C}" = StarMoney
"{7C056FA6-E362-467B-8160-062E9474FEE5}" = SlimDX Redistributable for .NET 2.0 (March 2011)
"{7C7841EB-DE0C-E931-DCAD-0929FB6406A5}" = CCC Help Hungarian
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AFEE9BF-D99C-4FEB-7E33-EFBBE25A8ABC}" = Catalyst Control Center InstallProxy
"{8DA9DA10-E01F-12AD-60D9-BAD83B32D291}" = CCC Help Russian
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90470DB8-70FC-2A03-8B53-7FE312AC245C}" = CCC Help Thai
"{90C67C7D-E918-402C-9856-7B13999E1786}" = StarMoney
"{92633C0F-C9BE-41E3-B439-0B508F859DB5}" = StarMoney
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9B4D5767-98CE-D0F0-8156-4E3601826F3F}" = PX Profile Update
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7E6880B-7118-A96A-609F-14D7360E7D61}" = CCC Help Danish
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_942" = Adobe Acrobat 9.4.2 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AE09C972-EEB2-4DA5-8090-0FCF54576854}" = Optical Drive Power Management
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2107940-7236-213E-C220-6046712063F8}" = CCC Help Portuguese
"{B3CEA4A7-03EC-8962-3C5F-A214FE039AA5}" = Catalyst Control Center Graphics Previews Vista
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B863D083-8782-C588-74EB-3B4F42AD737A}" = Catalyst Control Center Graphics Full New
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite MFC-215C
"{C07F0490-7FC9-4D81-AD90-C8D923EB55FF}" = Fast
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CE825A45-067E-41AF-2E6B-BE1B8BC23628}" = CCC Help Norwegian
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120
"{DDA475ED-DC7B-44E5-7680-EF6407065176}" = CCC Help Italian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F7E760-CD3F-7317-3E9B-DEEAF12B93DC}" = CCC Help Turkish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E751664E-7AB9-36E2-344D-26A2D38783BC}" = CCC Help Dutch
"{E7E27B47-BD17-46C3-2232-C82269C958F8}" = CCC Help Polish
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F08348FE-F080-706C-FD13-ABEACB5E6D15}" = CCC Help Korean
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F66F8651-4666-D528-6B19-E124E11D2B7D}" = CCC Help Japanese
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F90F3043-6DD4-4596-44AF-85AE350AB02E}" = Catalyst Control Center Localization All
"{F994030D-1E19-944F-D35F-6124CD5424AF}" = CCC Help Chinese Standard
"{FE58B892-3825-4610-A6A2-E6EFCA83BD97}" = Ulead PhotoImpact 10 TBYB
"{FED25C64-2FA3-D409-ABCC-D0668D5274F5}" = CCC Help Finnish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Captains" = 4Captains
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Airfoil" = Airfoil
"AnyDVD" = AnyDVD
"AutoBINGOOO_is1" = AutoBINGOOO 3.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"CloneDVD2" = CloneDVD2
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.7.0a
"DivX Setup.divx.com" = DivX-Setup
"Driving Speed 2_is1" = Driving Speed 2.0
"FLV Player" = FLV Player 2.0 (build 25)
"GridVista" = Acer GridVista
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"IrfanView" = IrfanView (remove only)
"JAP" = JAP
"KVS_AvailabilityTool" = KVS Availability Tool [6.8.1]
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MediaMonkey_is1" = MediaMonkey 3.2
"Miranda IM" = Miranda IM 0.8.27
"Mobile Broadband Generic Drivers" = Mobile Broadband Generic Drivers
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MUU_20417866B" = MUU_20417866B
"MUU_20417960" = MUU_20417960
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5a
"Revo Uninstaller" = Revo Uninstaller 1.89
"RollerCoaster Tycoon 3_is1" = RollerCoaster Tycoon 3
"RollerCoaster Tycoon Setup" = Roll
"Safelog - CAA/JAA Logbook_is1" = Safelog - CAA/JAA Logbook
"SkyTest® BU-Trainingssoftware_is1" = SkyTest® BU-Trainingssoftware 2.3
"Sweet Home 3D_is1" = Sweet Home 3D version 3.2
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VLC media player" = VLC media player 1.1.11
"VueScan" = VueScan
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMS" = Wild Media Server (UPnP, DLNA, HTTP)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2707230796-2936079349-1780800176-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HP webOS(R) Doctor(tm) Build 236.222, webOS 1.4.5" = HP webOS(R) Doctor(tm) Build 236.222, webOS 1.4.5
"STANLY Track" = STANLY Track
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.08.2012 21:15:33 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.08.2012 21:15:33 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4087
Error - 13.08.2012 21:15:33 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4087
Error - 13.08.2012 21:15:35 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.08.2012 21:15:35 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6021
Error - 13.08.2012 21:15:35 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6021
Error - 13.08.2012 21:15:36 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.08.2012 21:15:36 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7269
Error - 13.08.2012 21:15:36 | Computer Name = Markus-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7269
Error - 14.08.2012 05:20:46 | Computer Name = Markus-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
[ System Events ]
Error - 13.08.2012 18:21:10 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 13.08.2012 18:21:10 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 13.08.2012 18:21:11 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 13.08.2012 18:21:28 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 13.08.2012 18:21:44 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 13.08.2012 18:21:44 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 13.08.2012 18:22:09 | Computer Name = Markus-PC | Source = DCOM | ID = 10016
Description =
Error - 14.08.2012 03:23:24 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 14.08.2012 03:24:01 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 14.08.2012 03:24:01 | Computer Name = Markus-PC | Source = Service Control Manager | ID = 7023
Description =
< End of report >
OTL otl.txt Code:
OTL logfile created on: 14.08.2012 11:39:22 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Markus\AppData\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,93 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 49,08% Memory free
7,86 Gb Paging File | 5,43 Gb Available in Paging File | 69,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69,10 Gb Total Space | 7,55 Gb Free Space | 10,93% Space Free | Partition Type: NTFS
Drive D: | 68,13 Gb Total Space | 2,95 Gb Free Space | 4,33% Space Free | Partition Type: NTFS
Computer Name: MARKUS-PC | User Name: Markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Markus\AppData\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Markus\AppData\Local\Temp\DAT696D.tmp.exe (YUAN)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Windows\SysWOW64\brss01a.exe (brother Industries Ltd)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)
PRC - C:\PROGRA~2\NOVATE~1\Mobilink\Phoenix.exe (Novatel Wireless Inc.)
PRC - C:\Program Files (x86)\Novatel Wireless\Mobilink\Lite.exe (Novatel Wireless)
PRC - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
PRC - C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\wfvie12.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\rsguiwinapi47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\wsteu12.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\rscorewinapi47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\wgui12.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\wcore12.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\wauff12.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\wreli12.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\rsodbc47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\rsdcom47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtSqlrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtCLuceners47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtWebKitrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\phononrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtScriptrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtTestrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\Qt3Supportrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtSvgrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtGuirs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtNetworkrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtXmlrs47.dll ()
MOD - C:\Program Files (x86)\WISO\Steuersoftware 2012\QtCorers47.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (lgzlkwecejohf) -- C:\Users\Markus\AppData\Local\Temp\DAT696D.tmp.exe (YUAN)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (NovacomD) -- C:\Programme\Palm, Inc\novacomd\amd64\novacomd.exe (Palm)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (CGVPNCliSrvc) -- C:\Programme\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV - (HPM1210RcvFaxSrvc) -- C:\Programme\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (ODDPwrSvc) -- C:\Programme\Acer\Optical Drive Power Management\ODDPWRSvc.exe (Acer Incorporated)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (NWADI) -- C:\Windows\SysNative\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV:64bit: - (NWUSBCDFIL64) -- C:\Windows\SysNative\drivers\NwUsbCdFil64.sys (Novatel Wireless Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (NWUSBPort) -- C:\Windows\SysNative\drivers\nwusbser.sys (Novatel Wireless Inc.)
DRV:64bit: - (NWUSBModem) -- C:\Windows\SysNative\drivers\nwusbmdm.sys (Novatel Wireless Inc.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (PCASp50a64) -- C:\Windows\SysNative\drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4810t&r=273608100616l03d8z1k5t5811b11p
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4810t&r=273608100616l03d8z1k5t5811b11p
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4810t&r=273608100616l03d8z1k5t5811b11p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4810t&r=273608100616l03d8z1k5t5811b11p
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4810t&r=273608100616l03d8z1k5t5811b11p
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4810t&r=273608100616l03d8z1k5t5811b11p
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE393
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 46.4.37.196:3128
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {d39a0050-191f-11df-8a39-0800200c9a66}:1.2.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.03 04:53:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.04 11:36:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.07.20 18:28:44 | 000,000,000 | ---D | M]
[2010.08.20 11:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Extensions
[2010.08.20 14:37:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\0p065e2d.default\extensions
[2010.08.20 14:37:05 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\0p065e2d.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.08.20 14:37:06 | 000,000,000 | ---D | M] (StockFox) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\0p065e2d.default\extensions\{d39a0050-191f-11df-8a39-0800200c9a66}
[2010.08.20 14:37:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\0p065e2d.default\extensions\moveplayer@movenetworks.com
[2012.05.02 10:53:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\c4s1l0g0.default2\extensions
[2012.03.30 21:02:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\c4s1l0g0.default2\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.25 01:19:05 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\c4s1l0g0.default2\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011.03.25 01:19:05 | 000,000,000 | ---D | M] (StockFox) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\c4s1l0g0.default2\extensions\{d39a0050-191f-11df-8a39-0800200c9a66}
[2010.08.20 14:40:22 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\c4s1l0g0.default2\extensions\moveplayer@movenetworks.com
[2010.08.20 11:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\sj3h80z5.default\extensions
[2011.11.11 20:27:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.02 17:59:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.08.20 14:37:06 | 000,000,000 | ---D | M] (StockFox) -- C:\DOKUMENTE UND EINSTELLUNGEN\MARKUS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\0P065E2D.DEFAULT\EXTENSIONS\{D39A0050-191F-11DF-8A39-0800200C9A66}
[2010.08.20 14:37:05 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOKUMENTE UND EINSTELLUNGEN\MARKUS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\0P065E2D.DEFAULT\EXTENSIONS\MOVEPLAYER@MOVENETWORKS.COM
File not found (No name found) -- D:\INTERNET\FIREFOX3011\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2012.08.03 04:53:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.01.10 01:37:15 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.07 12:55:22 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.07 12:55:22 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.07 12:55:22 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.07 12:55:22 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.07 12:55:22 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.07 12:55:22 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.08.31 17:47:07 | 000,000,889 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 192.168.112.2O7.net
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000..\Run: [MobiLink Lite] C:\Program Files (x86)\Novatel Wireless\MobiLink\Lite.exe (Novatel Wireless)
O4 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..Trusted Domains: lufthansa.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2707230796-2936079349-1780800176-1000\..Trusted Domains: miles-and-more.com ([]https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A789E849-A0E9-4CAB-9E69-47227C34A73E}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{10fec2f3-ac8a-11df-8937-0024d60d5186}\Shell - "" = AutoRun
O33 - MountPoints2\{10fec2f3-ac8a-11df-8937-0024d60d5186}\Shell\AutoRun\command - "" = F:\MobilinkLite/LiteAuto.exe
O33 - MountPoints2\{a345fe57-82d6-11e0-8cc4-00262d72dbd2}\Shell - "" = AutoRun
O33 - MountPoints2\{a345fe57-82d6-11e0-8cc4-00262d72dbd2}\Shell\AutoRun\command - "" = E:\MobilinkLite/LiteAuto.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.14 00:58:57 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Markus\AppData\Desktop\OTL.exe
[2012.08.14 00:21:24 | 000,000,000 | R--D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2012.08.14 00:08:52 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Malwarebytes
[2012.08.14 00:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.14 00:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.14 00:08:36 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.14 00:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.12 09:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.08.12 09:51:58 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.08.12 09:51:58 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.08.12 09:51:58 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.08.02 17:27:35 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\BlueStacksSetup
[2009.10.29 05:39:15 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
========== Files - Modified Within 30 Days ==========
[2012.08.14 11:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.14 11:44:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.14 09:23:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.14 00:58:42 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Markus\AppData\Desktop\OTL.exe
[2012.08.14 00:42:32 | 000,140,827 | ---- | M] () -- C:\Windows\SysWow64\drivers\str.sys
[2012.08.14 00:28:33 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.14 00:28:33 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.14 00:21:23 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.08.14 00:21:13 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.14 00:20:59 | 3167,580,160 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.14 00:08:38 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.13 00:15:44 | 001,507,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.13 00:15:44 | 000,657,676 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.13 00:15:44 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.13 00:15:44 | 000,131,016 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.13 00:15:44 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.13 00:10:38 | 000,196,608 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.08.12 09:52:03 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.08.09 09:21:34 | 000,000,638 | ---- | M] () -- C:\Windows\wiso.ini
[2012.08.05 13:47:57 | 000,057,402 | ---- | M] () -- C:\Users\Markus\AppData\Desktop\2.pdf
[2012.08.05 13:46:35 | 000,084,796 | ---- | M] () -- C:\Users\Markus\AppData\Desktop\Off-Road-Zentrum*- ADAC Fahrsicherheitszentrum Rhein-Main.pdf
[2012.08.05 13:44:34 | 000,072,463 | ---- | M] () -- C:\Users\Markus\AppData\Desktop\Off-Road-Training*- ADAC Fahrsicherheitszentrum Rhein-Main.pdf
[2012.08.04 22:05:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.04 22:05:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.30 18:17:11 | 000,000,582 | ---- | M] () -- C:\Windows\ulead32.ini
[2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
========== Files Created - No Company Name ==========
[2012.08.14 11:37:11 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{41ab0301-c869-6c13-ffc8-e661c2448e70}\U\00000001.@
[2012.08.14 00:19:02 | 000,023,552 | ---- | C] () -- C:\Windows\Installer\{41ab0301-c869-6c13-ffc8-e661c2448e70}\U\800000cb.@
[2012.08.14 00:19:02 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{41ab0301-c869-6c13-ffc8-e661c2448e70}\U\80000000.@
[2012.08.14 00:08:38 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.12 10:40:57 | 000,140,827 | ---- | C] () -- C:\Windows\SysWow64\drivers\str.sys
[2012.08.12 09:52:03 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.08.05 13:47:57 | 000,057,402 | ---- | C] () -- C:\Users\Markus\AppData\Desktop\2.pdf
[2012.08.05 13:46:35 | 000,084,796 | ---- | C] () -- C:\Users\Markus\AppData\Desktop\Off-Road-Zentrum*- ADAC Fahrsicherheitszentrum Rhein-Main.pdf
[2012.08.05 13:44:34 | 000,072,463 | ---- | C] () -- C:\Users\Markus\AppData\Desktop\Off-Road-Training*- ADAC Fahrsicherheitszentrum Rhein-Main.pdf
[2012.06.06 17:40:53 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{41ab0301-c869-6c13-ffc8-e661c2448e70}\@
[2012.06.06 17:40:53 | 000,002,048 | -HS- | C] () -- C:\Users\Markus\AppData\Local\{41ab0301-c869-6c13-ffc8-e661c2448e70}\@
[2012.04.25 17:29:13 | 000,153,096 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.02.07 00:45:58 | 000,000,638 | ---- | C] () -- C:\Windows\wiso.ini
[2011.11.27 13:28:48 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.11.15 21:25:30 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2011.10.28 00:14:21 | 000,000,034 | ---- | C] () -- C:\Windows\CAI.INI
[2011.10.19 22:25:26 | 000,162,440 | ---- | C] () -- C:\Windows\SysWow64\AirfoilInject3.dll
[2011.05.19 19:47:05 | 000,000,582 | ---- | C] () -- C:\Windows\ulead32.ini
[2011.02.28 15:54:59 | 000,000,193 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011.02.28 15:54:59 | 000,000,080 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011.02.28 15:54:44 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2011.02.28 15:54:43 | 000,000,521 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.02.28 15:54:43 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.02.28 15:54:03 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011.02.22 13:33:21 | 000,001,054 | ---- | C] () -- C:\Windows\wms.ini
[2011.02.22 13:33:18 | 000,000,146 | ---- | C] () -- C:\Windows\wmssetup.ini
[2010.12.28 12:22:19 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.12.21 12:46:38 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2010.09.06 10:54:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.31 11:30:39 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.08.20 11:29:59 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
< End of report >
:dankeschoen: |
