Ihavenet Trojaner
Hallo,
ich habe mir scheinbar auch den ihavenet-trojaner eingefangen und habe bereits OTL drüberlaufen gelassen. Anbei sind die textfiles. Vorab schonmal vielen Dank für die Hilfe. Code:
OTL logfile created on: 21.12.2012 21:15:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 51,99% Memory free
6,18 Gb Paging File | 4,71 Gb Available in Paging File | 76,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 96,30 Gb Free Space | 43,16% Space Free | Partition Type: NTFS
Drive D: | 6,46 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: LISA´S-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Lisa\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\A Note\A Note.exe (A Note)
PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Lexmark 2600 Series\lxdnmon.exe ()
PRC - C:\Programme\Lexmark 2600 Series\lxdnmsdmon.exe ()
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Users\Lisa\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe ()
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Tobit ClipInc\Player\ClipIncTray.exe (Tobit.Software)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Windows\System32\lxdncoms.exe ( )
PRC - C:\Programme\RocketDock\RocketDock.exe ()
PRC - C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Lexmark 2600 Series\lxdnmon.exe ()
MOD - C:\Programme\Lexmark 2600 Series\lxdnmsdmon.exe ()
MOD - C:\Programme\Lexmark 2600 Series\app4r.monitor.core.dll ()
MOD - C:\Programme\Lexmark 2600 Series\app4r.monitor.common.dll ()
MOD - C:\Programme\Lexmark 2600 Series\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Programme\Lexmark 2600 Series\lxdndrs.dll ()
MOD - C:\Programme\Lexmark 2600 Series\lxdnscw.dll ()
MOD - C:\Programme\Lexmark 2600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Programme\Tobit ClipInc\Player\ClipInc$.ger ()
MOD - C:\Programme\Tobit ClipInc\Player\tobitclt.dll ()
MOD - C:\Programme\Lexmark 2600 Series\lxdncaps.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Programme\Lexmark 2600 Series\lxdncnv4.dll ()
MOD - C:\Programme\RocketDock\RocketDock.exe ()
MOD - C:\Programme\RocketDock\RocketDock.dll ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxdndatr.dll ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxdncats.dll ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
========== Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (cvhsvc) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (ClipInc001) -- C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe ()
SRV - (lxdnCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe ()
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxdn_device) -- C:\Windows\System32\lxdncoms.exe ( )
SRV - (EpsonBidirectionalService) -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0609&m=aspire_5738
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0609&m=aspire_5738
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0609&m=aspire_5738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0E6D32D8-B35A-4E1D-B52A-275FA3FDFB9C}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=536e637e-7802-4a13-84c7-a066b2ea6d88&apn_sauid=66434489-56AA-4537-9802-26745B8D36A8&
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE340
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{F946ADBE-59FD-4D04-9F50-E5059FAE0DFD}: "URL" = hxxp://www.bing.com/search?FORM=IPGTDF&PC=IPGTDF&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.02.26 11:53:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.12.21 13:42:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 10:26:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.06 10:26:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.02.26 11:53:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 10:26:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.06 10:26:30 | 000,000,000 | ---D | M]
[2009.08.10 14:10:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions
[2012.12.21 14:05:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\k954qk6o.default\extensions
[2011.05.10 20:26:09 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2011.02.27 14:17:00 | 000,001,834 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\searchplugins\bing.xml
[2010.11.04 15:37:30 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\searchplugins\icqplugin-4.xml
[2010.12.12 09:57:34 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\searchplugins\icqplugin-5.xml
[2011.02.20 23:36:09 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\searchplugins\icqplugin-6.xml
[2011.03.24 10:21:07 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\searchplugins\icqplugin-7.xml
[2011.04.30 15:05:23 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\searchplugins\icqplugin-8.xml
[2011.04.30 18:39:56 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\k954qk6o.default\searchplugins\icqplugin-9.xml
[2012.12.06 10:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.06 10:26:37 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.10.16 15:33:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.16 15:33:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.16 15:33:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.16 15:33:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.16 15:33:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.16 15:33:57 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [lxdnamon] C:\Program Files\Lexmark 2600 Series\lxdnamon.exe ()
O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [ClipIncSrvTray] C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe (Tobit.Software)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A Note.lnk = C:\Programme\A Note\A Note.exe (A Note)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00BC8745-74D3-428D-887E-E33081B1704E}: DhcpNameServer = 131.246.9.116 131.246.1.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D2AEE8A-FEC2-41C6-B60F-9EE5D3AE360F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C50B5E64-FEB9-43A5-8D7F-A5168348F856}: DhcpNameServer = 10.23.0.4 10.23.0.5 10.22.0.5
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img6.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img6.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{16c09f3b-1692-11e1-a3f7-001f1699d49c}\Shell - "" = AutoRun
O33 - MountPoints2\{16c09f3b-1692-11e1-a3f7-001f1699d49c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{c208b35f-efd5-11de-a8dd-001f1699d49c}\Shell - "" = AutoRun
O33 - MountPoints2\{c208b35f-efd5-11de-a8dd-001f1699d49c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c208b386-efd5-11de-a8dd-001f1699d49c}\Shell - "" = AutoRun
O33 - MountPoints2\{c208b386-efd5-11de-a8dd-001f1699d49c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.21 13:44:59 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.12.21 13:44:59 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.12.21 13:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.12.21 13:44:58 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.12.21 13:44:57 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.12.21 13:44:57 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.12.21 13:44:50 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.12.21 13:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2012.12.21 13:42:38 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.12.21 13:42:31 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.12.21 13:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.12.21 13:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.12.21 13:40:33 | 055,454,464 | ---- | C] (Safer-Networking Ltd. ) -- C:\Users\Lisa\Desktop\SpybotSD2_2.0.12.exe
[2012.12.15 18:05:38 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.15 18:05:38 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.15 03:01:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.12.15 03:01:19 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.12.15 03:01:19 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.12.15 03:01:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012.12.15 03:01:17 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.12.15 03:01:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.12.14 21:39:30 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.14 21:39:29 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.14 21:39:29 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.12.14 21:39:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.14 21:39:23 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.14 21:39:22 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.14 21:39:22 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.14 21:39:22 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.12.14 21:39:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.12.14 21:39:21 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.14 21:39:21 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.12.14 21:39:21 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.12.14 21:39:21 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.12.14 21:39:21 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.14 21:39:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.14 21:39:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.12.14 21:39:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.12.14 21:39:21 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.12.14 21:39:21 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.12.14 21:39:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.12.14 21:39:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.12.14 21:39:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.06 10:26:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.01 17:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2012.12.01 17:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.01 17:34:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.01 17:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.12.01 17:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.12.01 17:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.11.22 23:03:59 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\A Note
[2012.11.22 23:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Note
[2012.11.22 23:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\A Note
[2012.11.22 23:02:00 | 001,073,152 | ---- | C] (Zhorn Software) -- C:\Users\Lisa\Desktop\stickies_setup_7.1c.exe
[15 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[15 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.21 21:10:29 | 000,110,024 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.12.21 21:05:41 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 21:05:41 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 21:05:40 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.21 21:05:38 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\Lwifsg.job
[2012.12.21 21:05:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.21 21:05:27 | 3213,725,696 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.21 21:01:36 | 000,007,592 | ---- | M] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2012.12.21 20:55:06 | 000,547,175 | ---- | M] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2012.12.21 20:48:12 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.21 15:29:27 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DD891C02-0879-42B0-91BA-09BCEAB08D7C}.job
[2012.12.21 14:34:33 | 000,009,600 | ---- | M] () -- C:\Windows\wininit.ini
[2012.12.21 13:44:59 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.12.21 13:44:50 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.12.21 13:39:13 | 055,454,464 | ---- | M] (Safer-Networking Ltd. ) -- C:\Users\Lisa\Desktop\SpybotSD2_2.0.12.exe
[2012.12.21 13:38:04 | 097,495,576 | ---- | M] () -- C:\Users\Lisa\Desktop\avast_free_antivirus1474_setup(1).exe
[2012.12.21 13:32:47 | 000,000,954 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.12.20 16:39:06 | 000,110,024 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.12.17 10:00:30 | 000,408,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.01 17:35:26 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.01 17:23:36 | 000,001,730 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.22 23:03:57 | 000,000,816 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A Note.lnk
[2012.11.22 23:02:01 | 001,073,152 | ---- | M] (Zhorn Software) -- C:\Users\Lisa\Desktop\stickies_setup_7.1c.exe
[15 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[15 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.21 21:10:31 | 000,547,175 | ---- | C] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2012.12.21 14:34:32 | 000,009,600 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.21 13:44:59 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.12.21 13:40:25 | 097,495,576 | ---- | C] () -- C:\Users\Lisa\Desktop\avast_free_antivirus1474_setup(1).exe
[2012.12.15 03:01:35 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.15 03:01:35 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.01 17:35:26 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.01 17:23:36 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.22 23:03:57 | 000,000,816 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A Note.lnk
[2012.11.01 23:12:16 | 005,877,248 | ---- | C] () -- C:\Users\Lisa\P1010004.JPG
[2012.11.01 23:12:16 | 005,805,568 | ---- | C] () -- C:\Users\Lisa\P1010016.JPG
[2012.11.01 23:12:16 | 005,773,824 | ---- | C] () -- C:\Users\Lisa\P1010014.JPG
[2012.11.01 23:12:16 | 005,698,048 | ---- | C] () -- C:\Users\Lisa\P1010015.JPG
[2012.11.01 23:12:16 | 005,027,255 | ---- | C] () -- C:\Users\Lisa\P1010010.JPG
[2012.11.01 23:12:16 | 004,995,845 | ---- | C] () -- C:\Users\Lisa\P1010012.JPG
[2012.11.01 23:12:16 | 004,848,796 | ---- | C] () -- C:\Users\Lisa\P1010007.JPG
[2012.11.01 23:12:16 | 000,146,432 | ---- | C] () -- C:\Users\Lisa\P1010005.JPG
[2012.11.01 23:12:15 | 005,821,440 | ---- | C] () -- C:\Users\Lisa\P1010003.JPG
[2012.11.01 23:12:15 | 005,492,224 | ---- | C] () -- C:\Users\Lisa\P1010018.JPG
[2012.11.01 23:12:15 | 005,492,224 | ---- | C] () -- C:\Users\Lisa\P1010017.JPG
[2012.11.01 23:12:15 | 005,032,032 | ---- | C] () -- C:\Users\Lisa\P1010013.JPG
[2012.11.01 23:12:15 | 004,947,141 | ---- | C] () -- C:\Users\Lisa\P1010011.JPG
[2012.11.01 23:12:15 | 004,702,623 | ---- | C] () -- C:\Users\Lisa\P1010009.JPG
[2012.11.01 23:11:44 | 421,131,264 | ---- | C] () -- C:\Users\Lisa\P1010005.MOV
[2012.11.01 23:11:43 | 004,507,384 | ---- | C] () -- C:\Users\Lisa\P1010008.JPG
[2012.10.28 22:37:05 | 000,094,208 | RHS- | C] () -- C:\Windows\System32\msvcr706.dll
[2011.11.24 13:07:38 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2011.11.24 13:07:38 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2011.11.24 13:07:38 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2011.05.05 10:10:52 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2011.05.05 10:10:52 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2011.05.05 10:10:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2011.05.05 10:10:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll
[2011.05.05 10:10:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll
[2011.05.05 10:10:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll
[2011.05.05 10:06:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2011.05.05 10:06:23 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2011.03.08 18:19:23 | 001,101,824 | ---- | C] ( ) -- C:\Windows\System32\lxdnserv.dll
[2011.03.08 18:19:23 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdncomc.dll
[2011.03.08 18:19:23 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdnusb1.dll
[2011.03.08 18:19:23 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdnhbn3.dll
[2011.03.08 18:19:23 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnpmui.dll
[2011.03.08 18:19:23 | 000,589,824 | ---- | C] ( ) -- C:\Windows\System32\lxdncoms.exe
[2011.03.08 18:19:23 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdnlmpm.dll
[2011.03.08 18:19:23 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDNhcp.dll
[2011.03.08 18:19:23 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdncomm.dll
[2011.03.08 18:19:23 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdninpa.dll
[2011.03.08 18:19:23 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdncfg.exe
[2011.03.08 18:19:23 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDNinst.dll
[2011.03.08 18:19:23 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdniesc.dll
[2011.03.08 18:19:23 | 000,315,392 | ---- | C] ( ) -- C:\Windows\System32\lxdnih.exe
[2011.03.08 18:19:23 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdngrd.dll
[2011.03.08 18:19:23 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdnprox.dll
[2011.02.26 11:44:07 | 000,233,509 | ---- | C] () -- C:\Windows\hpoins47.dat
[2011.02.20 21:20:46 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl47.dat.temp
[2010.07.01 14:04:49 | 000,000,606 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\wklnhst.dat
[2009.12.25 10:37:37 | 003,686,400 | ---- | C] () -- C:\Users\Lisa\Samsung New PC Studio USB Driver Installer.msi
[2009.08.20 11:44:28 | 000,007,592 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2009.08.10 19:51:24 | 000,048,640 | ---- | C] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.09 05:39:43 | 000,110,024 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.06.09 05:39:04 | 000,110,024 | ---- | C] () -- C:\ProgramData\nvModes.dat
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1982A23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:814B9485
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:3B3A35EC
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:ADE16379
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3064D21D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:35759C73
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:DCAF903C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:41099CE9
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:B623B5B8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:CE0A077E
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:8750DCE4
< End of report >
Code:
OTL Extras logfile created on: 21.12.2012 21:15:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 51,99% Memory free
6,18 Gb Paging File | 4,71 Gb Available in Paging File | 76,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 96,30 Gb Free Space | 43,16% Space Free | Partition Type: NTFS
Drive D: | 6,46 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: LISA´S-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoschau] -- "C:\Program Files\Pixum\Pixum Fotobuch\Fotoschau.exe" -d "%1" ()
Directory [Pixum Fotobuch] -- "C:\Program Files\Pixum\Pixum Fotobuch\Pixum Fotobuch.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5D28AC4C-7332-42D8-8224-838837930AB4}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{75E455F4-1443-4FDD-B100-D259BE390656}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{99C2450F-E428-40FE-9DEC-9DC3729ED491}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B161E552-423B-415A-BEF5-D06E77AA9980}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{D0E740CC-5CE9-4B9D-8E89-55274408C716}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{EB066731-22CC-4520-803F-A34E50F4130C}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045BE6D1-49E5-45EC-9B00-42A06DCEA78F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{055D318D-AB6A-44B8-8BA9-914D3D928BA1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0A705808-18A9-48D5-A80D-475BC0BDEE5C}" = dir=in | app=d:\setup\hpznui01.exe |
"{19E3ED7B-F1D9-40F9-8ED8-54D8C3FA62C3}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1E8AD125-2125-4CF9-9126-FEAEBB53607F}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{2183610F-CDFE-4434-A952-33F10C9E1D09}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{231290D1-963D-4D45-A8ED-61DE58DDB8C2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{259C5035-5AA8-4505-83D8-0158560D34EC}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{2614E017-16AF-4600-8810-61A4F772FF5C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3008ADFD-B6B3-401F-A1C0-C68EBCB0FAAD}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{32B6AAC6-D9CD-44B6-B86F-10D74DDC8C6F}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{340F014E-EF2E-4057-8DED-BC6E3890A71A}" = dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"{3529AFFA-97FD-493E-80D4-88209BDAFCE0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{35D3C90F-C03E-49C3-B103-3295101035EB}" = protocol=17 | dir=in | app=c:\users\lisa\downloads\sweetimsetup.exe |
"{36E16081-1819-4CCA-8C9A-CD178BD43713}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe |
"{3BFF980D-E90C-4DA8-A90B-8724C013D6BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{3F80A65E-C789-4917-9B33-0840AB4ECDBD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{4002D6D7-A385-4622-A499-FA3126732406}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{418A1187-598A-4F1F-B30F-CD3EE9B1243E}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{438F5910-D9AF-4E64-9C04-4EF18C232BB4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{4402DD63-92A1-4298-B39C-DF3856A5C25E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{47240CCC-A160-4191-8CB7-3654FAC48573}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{49BC0911-42DA-4B30-8262-6515E875C4D1}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{4E171467-7176-41BD-97D9-CDAA48D96698}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{509246F8-06CC-402D-BC5F-0D1DFB8924A2}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"{53604C2E-3E66-447F-ACD4-54A8392CFC46}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe |
"{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{590C0619-0518-4595-8DDF-19EF077A6A17}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{67F4594F-1371-4EA9-A92F-98F31FD910B0}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"{6CBC8703-BF18-4873-8EFE-BF211211AFE2}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6E3A109D-AC1A-485F-800A-32582D09EFA8}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{72BBD092-4C96-49AA-AB56-B4C0E7EDB5E9}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnamon.exe |
"{763F5E67-36E2-44FA-B037-B18A2F7547F6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7AC143BD-5482-4614-ADE1-55CF7CC72265}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{875ABB27-71A8-47EC-969A-7EF4E86896A4}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{92EBB4EE-77AE-4D59-A0FC-70E705E287D3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{959E38F7-6284-4035-A22C-49133E37B334}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{A6BF0BBD-BECE-4B69-B241-C9DCC4210C69}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
"{ACEE0923-5237-4954-B3B0-3F59FAD3257F}" = dir=in | app=c:\windows\system32\lxdncoms.exe |
"{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AE660ACE-6FC9-405D-8AD4-3E923FCCAA9F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{B36A4D55-C42F-4412-A187-6E84FAC8EBF0}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"{B5D1D4BF-D4A6-4E95-BE28-267FAD876969}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B6AEF511-2E0D-481F-BC01-76B2F8520212}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe |
"{B836FC26-63A7-4CB0-A8F8-3D4C524C6606}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{BEA626B6-140C-4DC4-AD06-572D004D03BF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{C046E228-4FD4-4621-A3E1-C300F49F0AAC}" = protocol=17 | dir=in | app=c:\program files\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{C05AE5F3-6962-4819-ACBE-34C24DCDADE4}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe |
"{C5A0BAC4-E307-4422-8FD6-4F6C2F452711}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C768E74A-F9FE-4DCA-848F-246865CE086A}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
"{C83C931D-DBDB-406A-A0E0-E441B845C716}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{CB71CC24-55FA-46DF-AAE8-A2F4B8F907CC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{CE3EDC72-BEE1-41B3-A3CA-A5D28FF3BC51}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D2493B08-210C-491A-96F0-74222C9612EF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D3B376ED-35D9-4B7A-8531-6BF3A161F383}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{D55EEDA0-DD51-4880-A5B3-30A1839967C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D82F3D5C-946E-4C09-9590-F9F0471BD3D5}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"{DA1E4946-F5FA-481D-BA0D-128D0E18A99E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{DDABE7CE-FFF0-4107-BC22-233C1FBD0783}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{E2E1E3E2-C57F-42BD-9CD5-522900980E5D}" = protocol=6 | dir=in | app=c:\users\lisa\downloads\sweetimsetup.exe |
"{E6A924D8-62EF-41CC-8FA7-584C0128D3A0}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe |
"{E8855B12-68F9-4602-9193-AF55A5F0DE23}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnamon.exe |
"{EC7E98D8-BDD7-45B2-9B3F-B738EB367519}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe |
"{F1F71F4B-7B4F-4DC3-933E-B5201898F031}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F7B544B8-D090-4DDF-BE43-D55D284CE3E1}" = dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe |
"{F8D6A4F7-EF43-480B-A1C7-FDA34D35F044}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{FC8A01EF-4C7A-4A15-BAD9-88AE5E814B18}" = protocol=6 | dir=in | app=c:\program files\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{FDA18015-21A5-44CE-926A-BD8B63538158}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"TCP Query User{059E9BEA-0B9C-449E-9F05-204A6837E9F0}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{149C287B-441D-49B4-8313-AAC8E1CCB264}C:\program files\lexmark 2600 series\frun.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"TCP Query User{1FE30951-94CF-428D-AE5F-D8382715988A}C:\program files\lexmark 2600 series\lxdnlscn.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnlscn.exe |
"TCP Query User{310F23EC-450A-48EC-9BB2-4BDD66B684AD}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"TCP Query User{A266C88F-9A5E-44F5-B506-C33CF579107C}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{BACA6322-8DC0-45F0-BCB3-542437820992}C:\program files\lexmark 2600 series\lxdnlscn.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnlscn.exe |
"TCP Query User{C7CDD4D1-F8E5-497F-8E0C-69FF58DF4D6F}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{D6E128CB-1680-4EFA-9AC5-019DF139A3FC}C:\program files\spssinc\statistics17\statistics.exe" = protocol=6 | dir=in | app=c:\program files\spssinc\statistics17\statistics.exe |
"TCP Query User{F99536AB-ACE5-43EE-AE83-969D1515402C}C:\program files\lexmark 2600 series\lxdnmon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"UDP Query User{134F6C03-E9F8-468C-AA33-1FC64C3A343E}C:\program files\spssinc\statistics17\statistics.exe" = protocol=17 | dir=in | app=c:\program files\spssinc\statistics17\statistics.exe |
"UDP Query User{39B379D1-3842-42F2-ABE6-32D776E1D3C1}C:\program files\lexmark 2600 series\lxdnmon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"UDP Query User{4CD67AD9-F0D6-4B97-BDBF-32113F33CD05}C:\program files\lexmark 2600 series\lxdnlscn.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnlscn.exe |
"UDP Query User{504FA771-E25F-437A-9EF6-8FEFCF5172E9}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe |
"UDP Query User{862D1750-CE26-4A6E-80F1-07A599F9E917}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{BB93125C-9CC9-4AE8-B538-C8CAEF65E5E3}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{E5A2A2A6-5BE8-4181-AF26-467B478413E3}C:\program files\lexmark 2600 series\lxdnlscn.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnlscn.exe |
"UDP Query User{F7AE60CE-47CF-4075-A92C-7AE9343D074A}C:\program files\lexmark 2600 series\frun.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"UDP Query User{FF1AF3E7-0026-4ACE-987E-273AB2C4D973}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1D012BD0-F0EA-46B6-833F-8CEB073F4224}_is1" = A Note 4.2.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 26
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.1
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}" = SPSS 15.0 für Windows [Auswertung Version]
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0061-0407-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - Deutsch
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.74.216
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D6B3114F-945B-4980-BF7A-AF12E9161A0F}" = iCloud
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIDA32_is1" = AIDA32 v3.93
"avast" = avast! Free Antivirus
"EPSON Scanner" = EPSON Scan
"EPSON SX420W Series" = EPSON SX420W Series Printer Uninstall
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"ImgBurn" = ImgBurn
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"Lexmark 2600 Series" = Lexmark 2600 Series
"LManager" = Launch Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenVPN" = OpenVPN 2.1_rc18-gui-1.0.3
"Picasa 3" = Picasa 3
"Pixum Fotobuch" = Pixum Fotobuch
"Prism" = Prism Video File Converter
"RocketDock_is1" = RocketDock 1.3.5
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.2 for Windows
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tobit ClipInc Server" = Tobit.Software clipinc.fx
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.12.2012 16:01:27 | Computer Name = Lisa´s-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ePowerTray.exe, Version 4.1.3013.0, Zeitstempel
0x49e597c8, fehlerhaftes Modul ePowerTray.exe, Version 4.1.3013.0, Zeitstempel
0x49e597c8, Ausnahmecode 0xc000000d, Fehleroffset 0x00018645, Prozess-ID 0x12c8,
Anwendungsstartzeit 01cddfb5df2eee72.
Error - 21.12.2012 16:06:20 | Computer Name = Lisa´s-PC | Source = Application Virtualization Client | ID = 3134
Description = {tid=F68} Fehler beim Initialisieren des PerfMon-Anbieters für Application
Virtualization Client (Fehler 0x80070002).
Error - 21.12.2012 16:06:39 | Computer Name = Lisa´s-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ePowerTray.exe, Version 4.1.3013.0, Zeitstempel
0x49e597c8, fehlerhaftes Modul ePowerTray.exe, Version 4.1.3013.0, Zeitstempel
0x49e597c8, Ausnahmecode 0xc0000005, Fehleroffset 0x0000c0c6, Prozess-ID 0x10f0,
Anwendungsstartzeit 01cddfb6ac1e7dec.
Error - 21.12.2012 16:08:10 | Computer Name = Lisa´s-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.12.2012 16:08:10 | Computer Name = Lisa´s-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.12.2012 16:08:10 | Computer Name = Lisa´s-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.12.2012 16:08:10 | Computer Name = Lisa´s-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.12.2012 16:08:10 | Computer Name = Lisa´s-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.12.2012 16:08:11 | Computer Name = Lisa´s-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.12.2012 16:08:11 | Computer Name = Lisa´s-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 21.12.2012 08:56:48 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.12.2012 09:02:24 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 21.12.2012 11:30:18 | Computer Name = Lisa´s-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 21.12.2012 15:59:53 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.12.2012 15:59:53 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.12.2012 15:59:53 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.12.2012 15:59:53 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.12.2012 16:06:38 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.12.2012 16:06:38 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.12.2012 16:06:38 | Computer Name = Lisa´s-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Mit freundlichen Grüßen
jens0r |
