| Tüddeltante | 10.10.2012 09:55 |
OTL Logfile: Code:
OTL logfile created on: 10.10.2012 10:37:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcus\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,12 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 55,15% Memory free
6,44 Gb Paging File | 5,04 Gb Available in Paging File | 78,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 341,29 Gb Free Space | 74,84% Space Free | Partition Type: NTFS
Computer Name: MARCUS-PC | User Name: Marcus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.10 09:42:30 | 000,302,592 | ---- | M] () -- C:\Users\Marcus\Desktop\jgkku9iv.exe
PRC - [2012.10.10 09:35:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
PRC - [2012.05.06 00:19:43 | 001,564,368 | ---- | M] () -- C:\Programme\Guard-ICQ\GuardICQ.exe
PRC - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2011.04.20 18:23:41 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.02.25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2009.10.29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2009.10.27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe
PRC - [2009.10.23 12:04:13 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Marcus\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009.10.02 13:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSK\msksrver.exe
PRC - [2009.09.17 14:29:04 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcmscsvc.exe
PRC - [2009.08.20 06:07:10 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009.07.08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009.07.07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009.05.14 23:03:30 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009.05.14 23:03:18 | 000,345,384 | ---- | M] (Egis Technology Inc.) -- C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009.05.13 19:39:42 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009.04.16 14:23:56 | 000,479,232 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Programme\Samsung\EmoDio\SMSTray.exe
PRC - [2009.04.11 19:32:06 | 000,249,600 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009.04.11 19:32:00 | 000,061,184 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.04.03 19:54:42 | 000,698,912 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009.04.03 19:54:40 | 000,723,488 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009.04.03 19:54:40 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009.02.19 05:42:50 | 000,866,824 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2009.02.01 08:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint2K\Hidfind.exe
PRC - [2009.01.21 00:41:24 | 000,202,024 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2009.01.21 00:41:18 | 000,156,968 | ---- | M] (CyberLink Corp.) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008.12.26 17:30:58 | 000,173,288 | ---- | M] (Acer Corp.) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.01.24 17:29:52 | 002,981,328 | ---- | M] (Hansenet) -- C:\Programme\Alice Software\AliceEinwahl.exe
PRC - [2007.12.19 03:13:04 | 001,179,648 | ---- | M] () -- C:\Programme\WiFiConnector\NintendoWFCReg.exe
PRC - [2007.04.24 19:24:14 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbacoms.exe
PRC - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Programme\Common Files\aol\acs\AOLacsd.exe
PRC - [2006.09.26 02:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Common Files\aol\1256301154\ee\aolsoftware.exe
========== Modules (No Company Name) ==========
MOD - [2012.10.10 09:42:30 | 000,302,592 | ---- | M] () -- C:\Users\Marcus\Desktop\jgkku9iv.exe
MOD - [2012.05.06 00:19:43 | 001,564,368 | ---- | M] () -- C:\Programme\Guard-ICQ\GuardICQ.exe
MOD - [2012.02.17 18:17:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012.02.17 18:17:44 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2598077ccea480c6120d3a1ad4455be0\System.Web.ni.dll
MOD - [2012.02.17 18:16:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012.02.16 10:58:09 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012.02.16 10:57:39 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012.02.16 10:57:28 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012.02.16 10:54:33 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.14 13:36:16 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011.10.14 12:57:58 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009.08.20 06:07:10 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009.08.20 05:56:59 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3364.37101__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.08.20 05:56:59 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3364.37179__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.08.20 05:56:59 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3364.37083__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:59 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3364.37103__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.08.20 05:56:59 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3364.37160__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:59 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3364.37141__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3364.37097__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.08.20 05:56:59 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3364.37128__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3364.37092__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:58 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3364.37146__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:58 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3364.37179__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:58 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3364.37180__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:58 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3364.37147__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.08.20 05:56:58 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3364.37091__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:58 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3364.37146__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:58 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3364.37178__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:57 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3364.37130__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:57 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3364.37155__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.08.20 05:56:57 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3364.37103__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:57 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3364.37139__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:57 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:56 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3364.37092__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:56 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3364.37104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:56 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3364.37124__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:56 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:56 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3364.37140__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009.08.20 05:56:56 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3364.37108__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009.08.20 05:56:56 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3364.37128__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3364.37107__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:56 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3364.37138__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3364.37140__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.08.20 05:56:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.08.20 05:56:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.08.20 05:56:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.08.20 05:56:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.08.20 05:56:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.08.20 05:56:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.08.20 05:56:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.08.20 05:56:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.08.20 05:56:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.08.20 05:56:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.08.20 05:56:55 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.08.20 05:56:54 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.08.20 05:56:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.08.20 05:56:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.08.20 05:56:53 | 000,544,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3364.37168__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.08.20 05:56:53 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3364.37207__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009.08.20 05:56:53 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3364.37097__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.08.20 05:56:53 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3364.37174__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.08.20 05:56:53 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3364.37080__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.08.20 05:56:53 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3364.37172__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.08.20 05:56:53 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3364.37082__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.08.20 05:56:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.08.20 05:56:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3364.37188__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.08.20 05:56:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.08.20 05:56:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.08.20 05:56:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.08.20 05:56:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.08.20 05:56:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009.08.20 05:56:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.08.20 05:56:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.08.20 05:56:53 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.08.20 05:56:53 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.08.20 05:56:53 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3364.37078__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.08.20 05:56:52 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3364.37087__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.08.20 05:56:52 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3364.37081__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.08.20 05:56:52 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3364.37080__90ba9c70f846762e\APM.Server.dll
MOD - [2009.08.20 05:56:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3364.37079__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.08.20 05:56:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.08.20 05:56:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.08.20 05:56:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3364.37173__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.08.20 05:56:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.08.20 05:56:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.19 05:16:10 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2009.02.02 17:33:56 | 000,460,199 | ---- | M] () -- C:\Programme\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009.01.26 14:56:58 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.01.21 00:41:26 | 000,872,448 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009.01.21 00:41:22 | 000,007,680 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2007.12.19 03:13:04 | 001,179,648 | ---- | M] () -- C:\Programme\WiFiConnector\NintendoWFCReg.exe
MOD - [2007.07.03 07:55:36 | 000,110,592 | ---- | M] () -- C:\Programme\WiFiConnector\WIFICON.dll
MOD - [2003.06.07 23:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
========== Services (SafeList) ==========
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.06 00:19:43 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.05.06 00:19:36 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2012.03.08 18:32:24 | 001,492,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2011.07.18 19:50:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.11 17:19:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.09.22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2009.10.27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MPF\MpfSrv.exe -- (MpfService)
SRV - [2009.10.02 13:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSK\msksrver.exe -- (MSK80Service)
SRV - [2009.09.17 14:29:04 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009.07.08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009.07.07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009.05.14 23:03:30 | 000,305,448 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.04.11 19:32:00 | 000,061,184 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.04.03 19:54:40 | 000,723,488 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.01.16 20:53:30 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.11.04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.24 19:24:14 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbacoms.exe -- (lxba_device)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Programme\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- c:\users\marcus\appdata\local\temp\g8sfcgmvrbaz\pcdrdiag\bin\pcdsrvc.pkms -- (PCDSRVC{123F7370-11D2FFC0-06020101}_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.10.10 09:51:45 | 000,100,864 | ---- | M] (GMER) [Kernel | On_Demand | Running] -- C:\Users\Marcus\AppData\Local\Temp\kxriypog.sys -- (kxriypog)
DRV - [2011.07.18 19:50:03 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.18 19:50:03 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.07.16 12:32:26 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009.06.23 09:53:18 | 001,181,184 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.19 06:06:28 | 004,386,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.02.23 04:18:06 | 000,195,120 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.02.21 04:10:00 | 000,153,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009.01.16 20:53:32 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2008.12.04 18:34:34 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008.12.04 18:34:34 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008.12.04 18:34:34 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2008.10.03 19:08:52 | 000,183,312 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.09.04 06:12:56 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008.05.28 17:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008.04.28 16:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2007.11.29 07:21:06 | 000,163,328 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT25USBAP.SYS -- (RT25USBAP)
DRV - [2007.06.13 18:11:10 | 000,025,136 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atwpkt2.sys -- (ATWPKT2)
DRV - [2006.11.30 00:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)
DRV - [2006.11.28 22:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNMp50.sys -- (PDNMp50)
DRV - [2006.11.28 22:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNSp50.sys -- (PDNSp50)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{485142B5-8CBA-4763-BD9E-9448BF4F1C38}: "URL" = hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE350
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_deDE350&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=21QQnD2qFViK5YB9dSJBoyxIrPo?q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - homepage: Google
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: ICQ Sparberater = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpllndkedbnmonoomepeeglghdelffo\1.4.9_0\
CHR - Extension: Google Mail = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (ICQ Sparberater) - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1256301154\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSTray] C:\Programme\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A631CC8-7256-41B2-A94A-FCC87FBA04DA}: DhcpNameServer = 10.57.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{622A74E9-9763-47A6-A819-48306A08F504}: NameServer = 62.109.123.197 213.191.74.19
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1975e22c-baaf-11e1-b25d-b89ecea3c9fa}\Shell - "" = AutoRun
O33 - MountPoints2\{1975e22c-baaf-11e1-b25d-b89ecea3c9fa}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.10.10 09:52:14 | 000,100,864 | ---- | C] (GMER) -- C:\kxriypog.sys
[2012.10.10 09:37:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL (1).exe
[2012.10.10 09:35:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
[2012.10.09 17:36:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.10.09 17:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.10.08 14:23:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.08 13:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.10.08 13:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.10.08 13:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies(1209)
[2012.10.08 13:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI(1208)
[2012.10.08 12:59:51 | 000,000,000 | ---D | C] -- C:\AMD
[2012.10.08 11:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012.10.08 11:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2012.10.08 11:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2012.10.08 11:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012.10.08 11:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
[2012.10.08 11:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\DriverTuner
[2012.10.07 12:30:28 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Roaming\Iqyc
[2012.10.07 12:30:28 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Roaming\Iboba
[2012.10.07 10:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\hxqfasmrzlcirtj
[2012.10.06 14:52:13 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{A2DC0AAF-B11A-44B5-B574-F4DD8AA5FB05}
[2012.10.05 22:02:07 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{E63FAB29-9B57-401A-9C8D-80D3FDD1BC32}
[2012.10.03 13:55:13 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{B233DFFA-6705-4E3B-991F-9425D86E7463}
[2012.10.02 12:01:48 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{A5088A68-776A-48F4-B3A6-8C30A8AED86C}
[2012.10.01 23:37:10 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{E06E749D-7893-4474-AA3F-CE382F1129B0}
[2012.09.30 22:18:33 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{54D7AE3D-071E-4A30-81A6-8AE7E5C7ED66}
[2012.09.28 14:41:52 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{1D0500D9-EFCE-48B1-A7D8-3B3F84BE0490}
[2012.09.25 21:59:03 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{D682F998-3CA7-4790-AD01-DA1A62B8E5EB}
[2012.09.23 12:03:58 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{E9BDB04D-9EA2-4D15-8805-EAC1E78F6146}
[2012.09.22 10:55:29 | 000,000,000 | -H-D | C] -- C:\Users\Marcus\AppData\Local\{88D856D9-30D5-4E8F-89BC-830497D37DA5}
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.10.10 10:29:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.10 10:16:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.10 09:52:14 | 000,100,864 | ---- | M] (GMER) -- C:\kxriypog.sys
[2012.10.10 09:42:30 | 000,302,592 | ---- | M] () -- C:\Users\Marcus\Desktop\jgkku9iv.exe
[2012.10.10 09:37:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL (1).exe
[2012.10.10 09:35:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcus\Desktop\OTL.exe
[2012.10.10 09:26:43 | 000,000,434 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.10.10 09:26:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 09:26:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 09:26:11 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.10 09:25:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.10 09:25:35 | 3353,702,400 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.10 09:24:22 | 000,020,947 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2012.10.10 09:20:39 | 000,000,000 | ---- | M] () -- C:\Users\Marcus\defogger_reenable
[2012.10.10 09:04:56 | 000,005,068 | ---- | M] () -- C:\Users\Marcus\Desktop\Logdatei2.zip
[2012.10.10 08:20:00 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.08 19:02:24 | 000,007,728 | ---- | M] () -- C:\Users\Marcus\AppData\Local\d3d9caps.dat
[2012.10.08 14:23:58 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.10.07 10:24:27 | 000,076,349 | ---- | M] () -- C:\ProgramData\kxmibnkensvjkcz
[2012.10.06 17:11:57 | 000,000,368 | -H-- | M] () -- C:\ProgramData\HV5q2jDplPIfxQ
[2012.09.22 16:41:42 | 000,019,968 | ---- | M] () -- C:\Users\Marcus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.10 09:42:30 | 000,302,592 | ---- | C] () -- C:\Users\Marcus\Desktop\jgkku9iv.exe
[2012.10.10 09:20:39 | 000,000,000 | ---- | C] () -- C:\Users\Marcus\defogger_reenable
[2012.10.10 09:00:42 | 000,005,068 | ---- | C] () -- C:\Users\Marcus\Desktop\Logdatei2.zip
[2012.10.09 17:04:41 | 3353,702,400 | -HS- | C] () -- C:\hiberfil.sys
[2012.10.07 10:24:19 | 000,076,349 | ---- | C] () -- C:\ProgramData\kxmibnkensvjkcz
[2012.10.06 17:11:54 | 000,000,368 | -H-- | C] () -- C:\ProgramData\HV5q2jDplPIfxQ
[2011.12.14 00:00:01 | 000,000,065 | ---- | C] () -- C:\Windows\FISHUI.INI
[2010.10.01 12:54:10 | 000,007,728 | ---- | C] () -- C:\Users\Marcus\AppData\Local\d3d9caps.dat
[2010.07.16 13:52:20 | 000,000,090 | -H-- | C] () -- C:\Users\Marcus\AppData\Roaming\wklnhst.dat
[2010.02.19 10:20:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.23 17:18:37 | 000,019,968 | ---- | C] () -- C:\Users\Marcus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB47198$] -> Error: Cannot create file handle -> Unknown point type
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:B203B914
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1982A23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:814B9485
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:3B3A35EC
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:CE0A077E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:35759C73
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:DCAF903C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:41099CE9
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:B623B5B8
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:8750DCE4
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 10.10.2012 10:37:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcus\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,12 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 55,15% Memory free
6,44 Gb Paging File | 5,04 Gb Available in Paging File | 78,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 341,29 Gb Free Space | 74,84% Space Free | Partition Type: NTFS
Computer Name: MARCUS-PC | User Name: Marcus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12F084DF-60BD-4801-8D9A-43A7A820DFC4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{16CCF3A0-2D91-42DA-B19C-41D733A07FC9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1BA31BB0-C271-4596-98AF-08D695D3578A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{22B3A58B-AEDE-4AEE-B2BA-1BD74FE9360C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{268CBA02-254B-4D5C-B02A-A9F9E56E4F69}" = lport=137 | protocol=17 | dir=in | app=system |
"{26A1F725-8553-4ACA-B5B9-25657DD43114}" = lport=445 | protocol=6 | dir=in | app=system |
"{285D9489-F5AB-409A-86E8-FD0B94233DAE}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B1F39F8-D393-4A3B-BBD2-86E846103725}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4CAA4CB4-E6F1-4693-B3EA-E5BC56EB9829}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5DC61F93-192F-4B90-8093-9584C8562301}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6F1BB5ED-65CE-455B-BEDF-89310AAE571B}" = rport=137 | protocol=17 | dir=out | app=system |
"{927DA8AA-94F5-43B1-93D8-ED8BA522F719}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{95DE81FE-F244-4959-A5BC-E53F3FA1523E}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A22967C-1417-43CD-B43D-A095511F7D77}" = lport=138 | protocol=17 | dir=in | app=system |
"{9FC45F2B-8F5C-410F-A9E2-26778696FFDF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B530158A-3FCF-48DE-ADDF-A477361FEAC4}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CAF3C9C3-E34E-47F4-8E42-9796F99D7922}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CF4AADCB-D5EB-4158-9EB7-665A334CAE70}" = lport=139 | protocol=6 | dir=in | app=system |
"{D532CFF1-95F0-4E68-B7E4-B8A0F7EB2A48}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DE55231C-EED4-4EA7-B4DE-2CE0323CF1DC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EBD884EB-3C69-4E13-82DA-BF9DD43487DA}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F353730D-9989-4391-AF6F-A91A5C04B494}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0305858A-2E3C-4E3F-9C99-18DCDF2E9CA8}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{06CB9592-E30B-460B-A93B-C2FDFEDE7DF0}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{0A237C3C-AC92-4CC7-A81B-E4C427EADD06}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0AEAE955-0EA3-4572-8F52-3829E9AF3390}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{11168A22-D55E-4067-87AB-785E74D1831B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{12ED879D-2F92-4FD1-BF6D-FE4A64A446BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13753559-5931-4D89-B8B1-32C3ED3E98E1}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{14AC9D76-EC97-4341-9D85-2A15BB56B07E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{16146D8E-8775-4BDF-B138-84EDE5092273}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{17F4941A-A6C9-46D9-809B-D3DB59848406}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{189B866C-76C9-43FD-9D73-626E18DE2282}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1E4291E2-1B52-46EB-A2A4-4A2BAA347631}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{217E1650-3C0D-4ADB-A200-06DC2CD967B2}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{22943D32-DC76-486F-9836-30E4B6591F99}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1256301154\ee\aolsoftware.exe |
"{2A1796A8-DF9D-4503-86C0-FDD8DFEF9AB3}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{2A1E250E-537E-42B4-99A7-6F9C3F5BB14E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3291AAC7-7B09-4256-918E-EC87D8EA94F3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{39097E9E-A406-423C-9E58-53390FC28ED8}" = protocol=17 | dir=in | app=c:\windows\system32\lxbacoms.exe |
"{3D454DB6-A604-42DF-A9DB-1B7245E188CE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{425994D1-ABE1-4E12-8C05-44FC2DD3C4B9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{42FF9C4D-00CB-40E7-8BD7-79DF5B350B8D}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{47BDBDF7-CE04-4999-989B-C3D7ACC3B172}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{47C6391C-F691-49CE-A6AC-93539BB2C646}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbapswx.exe |
"{52F0D501-74FA-4405-88E7-31994C40DFC6}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vrc\waol.exe |
"{5E22CB82-060D-4507-85A1-6192A160461A}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{5EE4345A-4CD5-4F77-AD5A-302E342BB168}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6A769AED-BF94-4AA5-9CF7-9325804A369C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{6AFA74CD-1743-4A85-9899-EC571D317EA5}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{6C95637B-E673-41F3-9D45-35CD99CB4B79}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6ED27413-EC64-4B74-8154-582D6169C6AF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{736A59F8-00DE-44C9-B05E-CD1DAB88DD17}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vrb\waol.exe |
"{7CF3AD67-03C2-4367-8716-FCF25FF0EDC0}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{85AC0A11-41F0-40D6-B933-7AB6D1454B48}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{8A9C1E3C-5376-4165-A3F7-27E1417A132A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbapswx.exe |
"{8DBD5B1F-00F6-401C-A7B5-CF5F2EAF5B35}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{965A7006-20FF-4201-A9CC-EF4F1E75B237}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9811A4FD-9183-4C47-BB47-DE8AC75EBDE8}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{99789396-8E84-4506-A27E-9CFC2304AB78}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{99B7FA1F-AD94-4C46-A434-8C999D1EF40D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{9A7E79C4-E7F8-48F3-A9D0-B5C7AB5E40A2}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vrc\waol.exe |
"{A0970B6F-F111-4530-8CA1-803F08E139D9}" = protocol=6 | dir=in | app=c:\windows\system32\lxbacoms.exe |
"{A13D061F-A674-42B3-A179-A008900EA6BE}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vrb\waol.exe |
"{A3C2994A-CFCA-428F-8FDB-1A8041918CE1}" = dir=in | app=c:\program files\wificonnector\nintendowfcreg.exe |
"{A77E1E56-1412-46C2-B675-15AC554CFB53}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{AE5F3641-CB59-4CC2-9C68-72787644AF9B}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{BFB17ECD-2321-482A-A3D1-5D613E8D850B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C272982F-F795-4F8E-87B1-64A4757245F0}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vre\waol.exe |
"{C597517C-ED5F-45BD-8020-077D2724134B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{C6696ACE-43E6-40FC-BE82-678C7CDB218D}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vre\waol.exe |
"{C87256EF-F918-458E-860A-126A953CF626}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vrd\waol.exe |
"{C95EBE50-43AF-4712-8E29-FB7965682B9A}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{C9CBE368-8084-4F7E-9F9C-9B4AFB2D852F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{D26143B7-6447-45DD-9267-B1EFDF64CC8F}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{D7A83E3E-21C0-4A55-A4F1-BAAC0E593643}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vrd\waol.exe |
"{E00E5B8D-25A6-428E-AF9F-9DAB71C8E598}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E18CB94C-6740-4B7D-803B-C5114C54BC97}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{E5A2F452-E3A9-443F-B098-47794E87D13C}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{E9AE87DC-A834-448A-ABB6-C3AC06BB5B93}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{F09B4F41-8D0A-4AC1-8A6D-1868365303FE}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{F0EBB673-E96C-43D4-8CA8-9CA25ED9E4EF}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1256301154\ee\aolsoftware.exe |
"{F1D21740-1833-4C2D-8319-7B83821ECED9}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F45F5990-CEEA-4275-96ED-C284EA25B2E4}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{FF85C6A5-7596-4827-8471-594B8742D16A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"TCP Query User{E8F6CC92-B8A8-4750-89AC-E07543524CF2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A9DBB04F-DD00-4A7C-BA09-6A1AEBE9D966}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}" = ICQ Sparberater
"{082EF4D3-37D3-2ABE-8108-95B605157DBC}" = Catalyst Control Center Localization All
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F727AEE-3992-AAD9-E8A7-560BF4F92999}" = CCC Help Chinese Standard
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{31AC282F-3EF7-B239-9BBA-DB606B248F2A}" = CCC Help Spanish
"{31B2D73B-4311-4D95-A131-32FB2194D1CB}" = Microsoft UI Engine
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33FA7D12-4740-D665-D17C-F5F25EA6EEA6}" = CCC Help Portuguese
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3F5677C0-9871-0BEF-12DD-9E157C1ABA2E}" = CCC Help Dutch
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AEAC717-86F8-DE21-3933-8E4377797AEF}" = CCC Help Japanese
"{4B526075-AF27-47A2-860D-3DA92928A051}" = Steuer 2010
"{5165A18F-349C-4EC0-9404-190CC08B4055}_is1" = Schwertransport-Simulator 1.9.11
"{52BF91FE-7B2F-E26C-7A78-42C056B4461C}" = ccc-utility
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5BF3F950-BDAF-C801-0BE4-6319CB412F9D}" = Catalyst Control Center InstallProxy
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FC61CFC-1CAA-7650-2755-721FFD78F8D4}" = CCC Help Swedish
"{61C770D4-6F09-52EA-5C84-FF58F324B62B}" = CCC Help Czech
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63617A9B-A0EE-319B-2478-16CCDA8C945C}" = Catalyst Control Center Graphics Light
"{65EBA8F2-A7A0-E1A8-0986-BADCE1694362}" = Catalyst Control Center Core Implementation
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69567CE7-08A6-F984-3BA1-9AE068EC7AAF}" = ATI Catalyst Install Manager
"{6D9D1582-2E8C-491B-C337-63B6810A4426}" = CCC Help Finnish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A745642-3020-E403-B67A-C19BF008687A}" = CCC Help Turkish
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}" = Dream Day Wedding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{852019C5-8AF7-4ECF-BB25-79AE53FBD245}_is1" = Strassenbau Simulator 1.2.16
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{877D85BD-71AA-4BC0-5314-03B8D15F95A9}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92ABBA93-EE00-41C7-8D44-67D0C9DEF51E}" = Catalyst Control Center - Branding
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E325417-AE9C-4EE1-A158-13DF451A5987}" = Broadcom Gigabit Integrated Controller
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A5AC5F3C-9C4B-136A-5A21-5ADFF12B9657}" = ccc-core-static
"{A6F8719C-479C-4656-BFF7-393584B2034A}" = CCC Help German
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D73C82-714E-1E99-2A85-43E649F51F18}" = Catalyst Control Center Graphics Full New
"{B7C690A8-80D8-D09B-B35F-1201AA6B6FDE}" = CCC Help French
"{B8BE463A-E21C-8E7E-399D-CC9724283682}" = CCC Help Polish
"{B9587DFD-225C-1B2B-4FA1-E27768140EFC}" = CCC Help Russian
"{BB50C649-9BB5-BF21-E8C1-0CFFE263C866}" = CCC Help Chinese Traditional
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CBD9E015-4A3C-A3DF-6FCF-C636251DF0C8}" = CCC Help Greek
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.74.216
"{D0F0DEFD-538E-8B1C-A2B7-12FB5135BA21}" = CCC Help Danish
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6E5E642-5975-C402-5EDC-181E0AAD10ED}" = CCC Help Korean
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E12E7096-E796-BB35-02BD-C7720978E481}" = CCC Help English
"{E48A7361-D746-8706-5221-F49A207A6DD8}" = CCC Help Thai
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ECF195B6-D7F0-B206-7A04-9F83284E9412}" = CCC Help Hungarian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE3455C6-26CE-71F7-FC1B-7405C83451B7}" = CCC Help Norwegian
"7-Zip" = 7-Zip 9.20
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Alice" = Alice-Installationsdateien entfernen
"Alice Software" = Alice Software 4.10.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"FarmingSimulator2008_is1" = Landwirtschafts Simulator 2008
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"Guard.Mail.ru" = Guard.ICQ
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"Lexmark X5100 Series" = Lexmark X5100 Series
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MSC" = McAfee SecurityCenter
"ViewpointMediaPlayer" = Viewpoint Media Player
"WiFiConnector" = Registrierungsprogramm für den Nintendo Wi-Fi USB Connector
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.10.2012 03:26:10 | Computer Name = Marcus-PC | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden. Fehlercode: 0x45a
Error - 10.10.2012 03:26:29 | Computer Name = Marcus-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.10.2012 03:26:29 | Computer Name = Marcus-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.10.2012 03:26:29 | Computer Name = Marcus-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.10.2012 03:26:30 | Computer Name = Marcus-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.10.2012 03:26:30 | Computer Name = Marcus-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.10.2012 03:26:30 | Computer Name = Marcus-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.10.2012 03:26:30 | Computer Name = Marcus-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.10.2012 03:27:04 | Computer Name = Marcus-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.10.2012 03:55:13 | Computer Name = Marcus-PC | Source = Perflib | ID = 1010
Description =
[ System Events ]
Error - 10.10.2012 03:29:46 | Computer Name = Marcus-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
Error - 10.10.2012 03:30:13 | Computer Name = Marcus-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{622A74E9-9763-47A6-A819-48306A08F504} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 10.10.2012 03:30:18 | Computer Name = Marcus-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
Error - 10.10.2012 03:46:35 | Computer Name = Marcus-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie chkdsk auf Volume "" aus.
Error - 10.10.2012 03:48:00 | Computer Name = Marcus-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{622A74E9-9763-47A6-A819-48306A08F504} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 10.10.2012 03:48:00 | Computer Name = Marcus-PC | Source = netbt | ID = 4321
Description = Der Name "MARCUS-PC :20" konnte nicht auf der Schnittstelle mit
IP-Adresse 169.254.1.228 registriert werden. Der Computer mit IP-Adresse 78.55.63.63
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 10.10.2012 04:30:39 | Computer Name = Marcus-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
Error - 10.10.2012 04:30:42 | Computer Name = Marcus-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
Error - 10.10.2012 04:31:02 | Computer Name = Marcus-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{622A74E9-9763-47A6-A819-48306A08F504} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 10.10.2012 04:31:28 | Computer Name = Marcus-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{622A74E9-9763-47A6-A819-48306A08F504} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
< End of report >
--- --- ---
GMER Logfile: Code:
GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
Rootkit scan 2012-10-10 10:28:13
Windows 6.0.6002 Service Pack 2
Running: jgkku9iv.exe; Driver: C:\Users\Marcus\AppData\Local\Temp\kxriypog.sys
---- Files - GMER 1.0.15 ----
File C:\Users\Marcus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9POUX8KX\ErrorPageTemplate[2] 0 bytes
File C:\Windows\$NtUninstallKB47198$\1866979097 0 bytes
File C:\Windows\$NtUninstallKB47198$\1866979097\@ 2048 bytes
File C:\Windows\$NtUninstallKB47198$\1866979097\cfg.ini 26 bytes
File C:\Windows\$NtUninstallKB47198$\1866979097\Desktop.ini 4608 bytes
File C:\Windows\$NtUninstallKB47198$\1866979097\L 0 bytes
File C:\Windows\$NtUninstallKB47198$\1866979097\L\qnbwvoto 75264 bytes
File C:\Windows\$NtUninstallKB47198$\1866979097\U 0 bytes
File C:\Windows\$NtUninstallKB47198$\3492064107 0 bytes
---- EOF - GMER 1.0.15 ----
--- --- --- |
