BSOD: CRITICAL_SERVICE_FAILED

**groovykay** · 20.01.2012, 10:55

Hi,

nachdem ich eine vom Virenscanner AVG 2012 gescannte .rar-Datei entpackt habe aufs Desktop, hing sich das System auf.
Es ging 20 Minuten lang nichts mehr, dann habe ich den Laptop (Acer Aspire 7738G) per Hand neu gestartet.
Beim Bootvorgang, während des Ladens von Win 7 (23 bit), kan dann der Bluescreen CRITICAL_SERVICE_FAILED (0x5A).
Ich weiß dass mein Rechner schon vorher mit 1-2 Trojanern infiziert war, die ich mir bei der Nutzung von kinox.to eingefangen habe, indem ich an der falschen Stelle auf ein Pop-Up geklickt hatte, um dieses zu schließen.
Den PC habe ich dann allerdings wieder soweit bereinigen können (mit den Programmen Malwarebytes Anti-Malware, AVG 2012, Ad-Aware und CCleaner), dass ab einem gewissen Zwitpunkt keine Funde mehr auftauchten, auch nicht wenn ich den kompletten Scan gewählt hatte. Somit war ich beruhigt.

Ich hab hier nun mal den HJT-Logfile für euch, vll. kann man daran schon irgendwas erkennen, was mit dem BSOD zu tun haben könnte:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:49, on 20.01.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\AVG\AVG2012\avgscanx.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Users\Jonas\Desktop\PC-Klinik\HiJackThis204.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=...&m=aspire_7738
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=...&m=aspire_7738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=...&m=aspire_7738
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\RunOnce: [Scrub2k] C:\Windows\HPOJP8000A809\scrub2k.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe

--
End of file - 12985 bytes

**kira** · 20.01.2012, 13:46

Herzlich Willkommen hier bei uns am HijackThis Supportboard!

**Bevor du mit Teil 1. der Aufgabe beginnst: HIER KLICKEN UND SORGFÄLTIG DURCHLESEN!** und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!
Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst

► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird hier nicht geduldet, in diesem Fall wird der Support eingestellt.!

ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!

Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten! Ansonsten verlangsamt unsere Arbeit, wenn wir immer wieder noch an Kleinigkeiten nachschlagen müssen und dadurch eventuell die Übersicht verloren geht...

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
**Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

1.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:

Code:

Malwarebytes - (alle vorhandenen Protokolle)

2.
Hast Du aus Unwissenheit zugestimmt? Hast Du Avira sowiso nicht mehr installiert, also Deinstalliere:

Avira SearchFree Toolbar plus WebGuard Ask.com

Info
Hinweise zum Einsatz von Freeware-Version Avira AntiVir Personal:
Hier klicken zum Weiterlesen:
-> http://www.chip.de/news/AntiVir-Serv..._45444953.html

3.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis mit Rechtsklick als Administrator starten--> `Do a system scan only`--> Einträge auswählen--> Häckhen setzen--> "Fix checked"klicken-->PC neu aufstarten) - fixe NUR Die von mir angegebenen Einträge!:
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')

► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen...(Wista und WIN 7)

4.

Download den CCleaner
Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" - abwählen!)-> starten -> Falls nötig, unter Options settings -> "german" einstellen.
starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

5.
poste erneut - nach der vorgenommenen Reinigungsaktion:
TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!
► Rechtsklick auf das Tool HijackThis -> als Administrator ausführen wählen

6.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt OTL.txt und extra.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Bitte alle Ergebnisse im Code-Tags posten!

vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein
dahinter - also am Ende der Logdatei:[/code]

gruß
kira

**groovykay** · 21.01.2012, 16:33

1. Malwarebytes Anti-Malware Scanlog (kompletter Scan im abgesicherten Modus, als Administrator ausgeführt:

Code:

Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.21.01

Windows 7 Service Pack 1 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7601.17514
Jonas :: HIGHENDMACHINE [Administrator]

Schutz: Deaktiviert

21.01.2012 16:00:00
mbam-log-2012-01-21 (16-00-00).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 462132
Laufzeit: 1 Stunde(n), 18 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

2. Versuch, die Avira Toolbar zu deinstellieren (mittels Revo Uninstaller Pro) fehlgeschlagen, Windows-Installer Fehlermeldung poppt auf. Toolbar manuell deinstalliert, mittels Revo Uninstaller alle Registry-Einträge entfernt und übrige Dateien ebenfalls. Nein, AntiVir nutze ich nicht mehr, da trotz Web-Guard und hoher Sicherheitsstufe nun bereits zum zweiten Mal das System infiziert wurde. AntiVir halte ich für den größten Müll auf Erden. Nutze nun AVG Security Suite 2012 (Freeware) und bin voll zufrieden.

3. erledigt, neuer log folgt nach Reboot.

Bis gleich!

**groovykay** · 21.01.2012, 16:41

3. Hier der HJT-log nach dem Reboot:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:38:07, on 21.01.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\System32\WerFault.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Jonas\Desktop\PC-Klinik\HiJackThis204.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\RunOnce: [Scrub2k] C:\Windows\HPOJP8000A809\scrub2k.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe

--
End of file - 11849 bytes

4. Ccleaner log:

Code:

7-Zip 9.20		21.05.2011		
Acer Backup Manager	NewTech Infosystems	11.05.2011	17,7MB	1.0.0.58
Acer Bio Protection	Egis Technology Inc.	11.05.2011	91,7MB	6.1.20
Acer Crystal Eye webcam Ver:1.1.79.326	Chicony Electronics Co.,Ltd.	11.05.2011		1.1.79.326
Acer eRecovery Management	Acer Incorporated	11.05.2011		4.00.3008
Acer GridVista		12.05.2011		2.72.317
Acer PowerSmart Manager	Acer Incorporated	11.05.2011		4.01.3016
Acer Product Registration	Acer Incorporated	11.05.2011		3.0.0.10
Acer VCM	Acer Incorporated	11.05.2011		4.00.3004
Acrobat.com	Adobe Systems Incorporated	28.05.2011		1.2.443
Ad-Aware	Lavasoft Limited	23.10.2011	34,1MB	9.5.0
Adobe Acrobat X Pro - English, Français, Deutsch	Adobe Systems	11.01.2012	5.308MB	10.1.2
Adobe AIR	Adobe Systems Inc.	28.05.2011		1.1.0.5790
Adobe Creative Suite 4 Master Collection	Adobe Systems Incorporated	28.05.2011	3.995MB	4.0
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	12.05.2011		10.0.12.36
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	20.11.2011	6,00MB	11.1.102.55
Adobe Media Player	Adobe Systems Incorporated	28.05.2011		1.1
Adobe Reader 9.5.0 - Deutsch	Adobe Systems Incorporated	11.01.2012	116,5MB	9.5.0
Agere Systems HDA Modem	Agere Systems	12.05.2011		
America's Army 3	U.S. Army	29.05.2011		
AmIcoSingLun	Alcor Micro Co., Ltd.	13.05.2011	3,86MB	1.2.117.2
Any Video-Audio Converter 6.0	ALO SOFT, Inc.	30.05.2011	26,1MB	
Apple Application Support	Apple Inc.	02.01.2012	61,1MB	2.1.6
Apple Mobile Device Support	Apple Inc.	02.01.2012	24,1MB	4.0.0.97
Apple Software Update	Apple Inc.	08.06.2011	2,25MB	2.1.3.127
Ashampoo Anti-Malware v.1.21	Ashampoo GmbH & Co. KG	08.07.2011	145,2MB	1.2.1
Ashampoo Burning Studio Elements 10.0.9	Ashampoo GmbH & Co. KG	28.05.2011	162,0MB	3.1.1
Ashampoo HDD Control 1.12	Ashampoo GmbH & Co. KG	08.07.2011	28,2MB	3.1.1
Ashampoo MyAutoplay Menu 1.0.5	Ashampoo GmbH & Co. KG	08.07.2011	65,4MB	3.1.1
Ashampoo Slideshow Studio Elements 2.0.1	Ashampoo GmbH & Co. KG	08.07.2011	69,0MB	2.0.1
Audacity 1.2.6		29.06.2011		
AutocompletePro		30.05.2011	0,81MB	
AVCWare Total Video Converter 6	AVCWare	10.06.2011		6.5.2.0225
AVG 2012	AVG Technologies	22.12.2011		2012.0.1901
AviSynth 2.5		30.05.2011		
Bonjour	Apple Inc.	02.01.2012	1,02MB	3.0.0.10
Broadcom Gigabit NetLink Controller	Broadcom Corporation	10.02.2009	0,35MB	11.34.02
Canon RAW Codec	Canon Inc.	28.09.2011		1.8.0.68
CCleaner	Piriform	03.01.2012		3.14
Combat Arms EU		29.05.2011		
Compatibility Pack für 2007 Office System	Microsoft Corporation	13.12.2011	109,1MB	12.0.6425.1000
Counter-Strike: Source	Valve	11.10.2011		
Counter-Strike: Source Beta		11.10.2011		
Curse Client	Curse	20.09.2011		4.0.1.112
CyberLink PowerDVD 11	CyberLink Corp.	11.10.2011	224MB	11.0.1620.51
Diablo II		13.09.2011		
DivX-Setup	DivX, LLC	16.08.2011		2.6.0.34
EasyBits GO	EasyBits Media	28.05.2011		
Eligium	Frogster Online Gaming GmbH	30.12.2011	3.781MB	1.0.0
English Pronouncing Dictionary		11.01.2012		
FileZilla Client 3.5.2	FileZilla Project	06.12.2011	16,6MB	3.5.2
FoxTab Video Converter		21.11.2011		
Free Audio Converter version 2.2.19.602	DVDVideoSoft Limited.	12.06.2011	32,3MB	
Free Mp3 Wma Converter V 2.0	Koyote Soft	01.09.2011	38,4MB	2.0.0.0
Free Video to iPhone Converter version 3.2.19.602	DVDVideoSoft Limited.	10.06.2011	30,0MB	
Free WAV to MP3 Converter	Polaris-Software.com	30.05.2011		1.0
FUSSBALL MANAGER 11	Electronic Arts	18.08.2011		
Google Chrome	Google Inc.	03.11.2011		16.0.912.75
Google Desktop	Google	13.05.2011		5.9.1005.12335
Google Toolbar for Internet Explorer	Google Inc.	10.01.2012		7.2.2427.2330
HP Customer Participation Program 13.0	HP	08.12.2011		13.0
HP Imaging Device Functions 13.0	HP	08.12.2011		13.0
HP Smart Web Printing 4.51	HP	08.12.2011		4.51
HP Solution Center 13.0	HP	08.12.2011		13.0
HP Update	Hewlett-Packard	22.12.2011	3,98MB	5.003.001.001
iCloud	Apple Inc.	09.01.2012	22,4MB	1.0.2.17
ICQ Toolbar	ICQ	12.05.2011		3.0.0
ICQ7.6	ICQ	03.10.2011		7.6
Intel® Matrix Storage Manager	Intel Corporation	19.11.2011		
iPod Access for Windows v4.4.1	Findley Designs	24.06.2011	22,6MB	
iTunes	Apple Inc.	02.01.2012	169,6MB	10.5.2.11
iTwin 3.2 Final	Stefan Moka	14.07.2011	2,56MB	3.2 Final
Java(TM) 6 Update 26	Oracle	20.05.2011	97,1MB	6.0.260
JDownloader 0.9	AppWork GmbH	20.05.2011		0.9
K-Lite Codec Pack 5.1.0 (Basic)		30.05.2011		5.1.0
Launch Manager	Acer Inc.	12.05.2011		2.0.01
Malwarebytes Anti-Malware Version 1.60.0.1800	Malwarebytes Corporation	20.01.2012	18,6MB	1.60.0.1800
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	13.05.2011	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	13.05.2011	2,94MB	4.0.30319
Microsoft Office File Validation Add-In	Microsoft Corporation	15.09.2011	7,95MB	14.0.5130.5003
Microsoft Office Home and Student 2007	Microsoft Corporation	02.08.2011		12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	13.12.2011	45,9MB	12.0.6425.1000
Microsoft Office Suite Activation Assistant	Microsoft Corporation	11.03.2009	8,37MB	2.9
Microsoft Silverlight	Microsoft Corporation	12.10.2011	60,3MB	4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	11.03.2009	1,74MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	12.10.2011	0,29MB	8.0.61001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	10.06.2011	2,87MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	18.07.2011	0,23MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	12.05.2011	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	03.08.2011	0,59MB	9.0.30729.6161
Microsoft Works	Microsoft Corporation	03.08.2011	545MB	9.7.0621
MobileMe Control Panel	Apple Inc.	09.01.2012	12,9MB	3.1.8.0
MobileSyncBrowser 4.3.2	VSC-Macsupport	14.07.2011		4.3.2
Mozilla Firefox 8.0 (x86 de)	Mozilla	08.11.2011	38,6MB	8.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	11.03.2009	1,29MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	12.05.2011	1,34MB	4.20.9876.0
MySQL Connector/ODBC 5.1	MySQL AB	04.07.2011	7,10MB	5.1.5
MyWinLocker	Egis Technology Inc.	11.05.2011	35,2MB	3.1.59.0
Native Instruments Massive		14.08.2011		
NTI Backup Now 5	NewTech Infosystems	11.03.2009	29,4MB	5.1.2.616
NTI Media Maker 8	NewTech Infosystems	11.03.2009	206MB	8.0.2.6509
Nur Entfernen der CopyTrans Suite möglich	WindSolutions	10.01.2012		2.33
Nuvoton EC Generic HID Driver	Nuvoton Technology Corporation	11.05.2011	2,44MB	8.80.1001
NVIDIA Drivers	NVIDIA Corporation	13.05.2011		1.5
NVIDIA PhysX	NVIDIA Corporation	11.05.2011	119,9MB	9.09.0203
Octoshape add-in for Adobe Flash Player		22.06.2011		
OpenOffice.org 3.3	OpenOffice.org	20.05.2011	413MB	3.3.9567
Pando Media Booster	Pando Networks Inc.	19.12.2011	5,47MB	2.6.0.1
Panorama Factory		12.06.2011		
PDFCreator	Frank Heindörfer, Philip Chinery	04.12.2011		1.2.3
phase-6 2.1.2.3a	phase-6	07.11.2011		2.1.2.3a
PunkBuster Services	Even Balance, Inc.	29.05.2011		0.989
QuickTime	Apple Inc.	02.01.2012	73,3MB	7.71.80.42
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	22.06.2011		6.0.1.6132
RedEclipse		29.05.2011		
reFX Nexus VSTi RTAS v2.2.0		14.08.2011		
Revo Uninstaller Pro 2.5.7	VS Revo Group, Ltd.	10.01.2012	51,1MB	2.5.7
Shop for HP Supplies	HP	08.12.2011		13.0
Skype Toolbars	Skype Technologies S.A.	14.06.2011	6,95MB	5.3.7555
Skype™ 5.3	Skype Technologies S.A.	14.06.2011	22,6MB	5.3.116
Steam	Valve Corporation	29.05.2011	35,5MB	1.0.0.0
Steinberg Cubase 5	Steinberg Media Technologies GmbH	29.05.2011	282MB	5.1.0
Steinberg Drum Loop Expansion 01	Steinberg Media Technologies GmbH	29.05.2011	425MB	1.0.0.1
Steinberg Groove Agent ONE Content	Steinberg Media Technologies GmbH	29.05.2011	142,2MB	1.0.0.003
Steinberg HALionOne	Steinberg Media Technologies GmbH	29.05.2011	388MB	1.1.0.457
Steinberg HALionOne Additional Content Set 01	Steinberg Media Technologies GmbH	29.05.2011	941MB	1.0.0.001
Steinberg HALionOne Expression Set	Steinberg Media Technologies GmbH	29.05.2011	232MB	1.0.1.0
Steinberg HALionOne GM Drum Set	Steinberg Media Technologies GmbH	29.05.2011	24,0MB	1.0.1.457
Steinberg HALionOne GM Set	Steinberg Media Technologies GmbH	29.05.2011	63,6MB	1.0.1.457
Steinberg HALionOne Pro Set	Steinberg Media Technologies GmbH	29.05.2011	123,2MB	1.0.1.457
Steinberg HALionOne Studio Drum Set	Steinberg Media Technologies GmbH	29.05.2011	48,1MB	1.0.1.457
Steinberg HALionOne Studio Set	Steinberg Media Technologies GmbH	29.05.2011	112,9MB	1.0.1.457
Steinberg LoopMash Content	Steinberg Media Technologies GmbH	29.05.2011	613MB	1.0.0.005
Steinberg REVerence Content 01	Steinberg Media Technologies GmbH	29.05.2011	169,0MB	1.0.0.006
Stormblade Launcher 1.1	Stormblade.org	17.10.2011	16,4MB	
SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48	eRightSoft	17.06.2011	39,5MB	v2011.build.48
Synaptics Pointing Device Driver	Synaptics Incorporated	22.06.2011		15.0.6.0
TeamSpeak 3 Client	TeamSpeak Systems GmbH	18.07.2011		
TS3 Overlay	Rohrbacher Development	05.11.2011		v3.0.19
Unity Web Player	Unity Technologies ApS	29.05.2011	12,0MB	2.6.1f3_31223
VLC media player 1.1.9	VideoLAN	22.05.2011		1.1.9
Winamp	Nullsoft, Inc	21.06.2011		5.61 
Winamp Erkennungs-Plug-in	Nullsoft, Inc	21.06.2011	75,00KB	1.0.0.1
Windows Live Essentials	Microsoft Corporation	02.08.2011		15.4.3538.0513
Windows Live Sync	Microsoft Corporation	11.03.2009	2,80MB	14.0.8050.1202
WinRAR 4.00 (32-Bit)	win.rar GmbH	21.05.2011		4.00.0
WinSCP 4.3.6	Martin Prikryl	17.01.2012	8,64MB	4.3.6
WinZip 15.0	WinZip Computing, S.L. 	17.01.2012	36,2MB	15.0.9411
WinZip System Utilities Suite	WinZip Computing, S.L. (WinZip Computing)	17.01.2012	46,9MB	
World of Warcraft	Blizzard Entertainment	18.09.2011		4.2.2.14545

5. Nochmal HJT-log:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:41:57, on 21.01.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\Jonas\Desktop\PC-Klinik\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\RunOnce: [Scrub2k] C:\Windows\HPOJP8000A809\scrub2k.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe

--
End of file - 11815 bytes

**groovykay** · 21.01.2012, 16:51

6. OTL:

Code:

OTL logfile created on: 21.01.2012 17:43:52 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Jonas\Desktop\PC-Klinik
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 75,84% Memory free
5,99 Gb Paging File | 5,40 Gb Available in Paging File | 90,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 452,99 Gb Total Space | 48,70 Gb Free Space | 10,75% Space Free | Partition Type: NTFS
Drive E: | 7,55 Gb Total Space | 3,55 Gb Free Space | 47,06% Space Free | Partition Type: FAT32
 
Computer Name: HIGHENDMACHINE | User Name: Jonas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\Jonas\Desktop\PC-Klinik\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Programme\Lavasoft\Ad-Aware\AWSC.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Google\Chrome\Application\16.0.912.75\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\16.0.912.75\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\16.0.912.75\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\16.0.912.75\avformat-53.dll ()
MOD - C:\Programme\Google\Chrome\Application\16.0.912.75\avcodec-53.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\System32\CmdLineExt03.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (vToolbarUpdater) -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (CLHNServiceForPowerDVD) -- C:\Programme\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
SRV - (CyberLink PowerDVD 11.0 Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink)
SRV - (CyberLink PowerDVD 11.0 Monitor Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WINZIPSSDiskOptimizer) -- C:\Programme\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe (WinZip Computing, S.L. (WinZip Computing))
SRV - (AAMWService) -- C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe ()
SRV - (AAMW_WSC_Service_Vista) -- C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe ()
SRV - (DfSdkS) -- C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe (mst software GmbH, Germany)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (IGBASVC) -- c:\Programme\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (iPAHelper.exe) -- C:\Programme\iPod Access for Windows\iPAHelper.exe ()
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (AmUStor) -- C:\Windows\System32\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (i8042HDR) -- C:\Windows\System32\drivers\i8042HDR.sys (Chicony)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (ntk_PowerDVD) -- C:\Programme\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys (Cyberlink Corp.)
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Programme\CyberLink\PowerDVD11\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)
DRV - (hidshim) -- C:\Windows\System32\drivers\hidshim.sys (Windows (R) Win 7 DDK provider)
DRV - (nuvotonhidgeneric) -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys (Nuvoton Technology Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (AlfaFF) -- C:\Windows\system32\drivers\AlfaFF.sys (Alfa Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (FPSensor) EgisTech-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\System32\drivers\FPSensor.sys (Egis)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B27126dc9-bf3f-4724-aad6-866fd3f3c0aa%7D&mid=60aa4041148747d1911ed1565024198b-4c74cab80d5c319b8c95f868eaadaa1e39fc8e67&ds=AVG&v=9.0.0.22&lang=de&pr=fr&d=2011-12-09%2016%3A48%3A18&sap=ku&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.01.12 15:00:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.08.17 23:33:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.09 15:40:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011.12.23 16:16:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.03 12:14:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.12 22:01:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.09 15:40:02 | 000,000,000 | ---D | M]
 
[2011.05.12 19:36:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Extensions
[2011.12.26 06:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\zy1oew0f.default\extensions
[2011.07.04 14:01:52 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\zy1oew0f.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.07 12:50:36 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\zy1oew0f.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011.11.13 18:49:10 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\zy1oew0f.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.05.31 00:11:55 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\zy1oew0f.default\extensions\support@predictad.com
[2011.11.09 10:16:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.15 13:23:56 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.01.12 15:00:54 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
() (No name found) -- C:\USERS\JONAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZY1OEW0F.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI
() (No name found) -- C:\USERS\JONAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZY1OEW0F.DEFAULT\EXTENSIONS\{E8F509F0-B677-11DE-8A39-0800200C9A66}.XPI
[2011.11.09 02:54:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.03.17 20:57:30 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.16 20:25:41 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.21 15:29:11 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Keyboard Navigation = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\abcekjakjehkpheoaadhkjfcdodpjbgk\0.1.5_0\
CHR - Extension: James White = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: YouTube = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google-Suche = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AutocompletePro plugin for chrome = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.0_0\
CHR - Extension: Stealthy = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\0.1.8_0\
CHR - Extension: AVG Safe Search = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Shortcut Manager = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf\0.7.9_0\
CHR - Extension: HP Product Detection Plugin = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.6.1_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: AutoZoom = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdkpkoaonnchdakgkmmcmnihhhgbjch\0.9.8_0\
CHR - Extension: Google Mail = C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
Hosts file not found
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programme\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Scrub2k] C:\Windows\hpojp8000a809\scrub2k.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Programme\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Programme\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0EECDCD9-C8FB-4EB2-91C1-B8AD0198DA93}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D26BC69-7BDC-4A10-8B4A-207B4A1868C0}: DhcpNameServer = 10.129.32.1 10.111.81.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5F7D5A-709C-46A5-B30B-E0DA3B8C3C24}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\textwareilluminatorbase {CE5CD329-1650-414A-8DB0-4CBF72FAED87} - C:\Windows\System32\textwareilluminatorbaseProtocol.dll ()
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) -C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\ACER03.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\ACER03.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e3df6e7-ca57-11e0-8602-001f16c0f078}\Shell - "" = AutoRun
O33 - MountPoints2\{4e3df6e7-ca57-11e0-8602-001f16c0f078}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{54780da7-cc1b-11e0-8263-001f16c0f078}\Shell - "" = AutoRun
O33 - MountPoints2\{54780da7-cc1b-11e0-8263-001f16c0f078}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e31aba9f-c70e-11e0-860a-001f16c0f078}\Shell - "" = AutoRun
O33 - MountPoints2\{e31aba9f-c70e-11e0-860a-001f16c0f078}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.21 15:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.21 15:56:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.19 18:02:12 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\{2279A806-07A2-42E2-99F2-9480DF44885C}
[2012.01.19 18:02:00 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\{F992355C-346E-4B87-A706-D5326427A579}
[2012.01.18 23:45:48 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\ElevatedDiagnostics
[2012.01.18 23:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2012.01.18 23:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2012.01.18 19:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012.01.18 19:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012.01.18 19:03:06 | 000,017,232 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\Windows\System32\roboot.exe
[2012.01.18 19:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip System Utilities Suite
[2012.01.18 19:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip System Utilities Suite
[2012.01.12 23:06:05 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\Cambridge
[2012.01.12 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEXTware
[2012.01.12 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cambridge
[2012.01.12 23:05:32 | 000,434,688 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\HTML.ILX
[2012.01.12 23:05:32 | 000,297,472 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltkrn10N.dll
[2012.01.12 23:05:32 | 000,162,304 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\MPegPlay.ILX
[2012.01.12 23:05:32 | 000,142,848 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\Textv.ILX
[2012.01.12 23:05:32 | 000,103,424 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltfil10N.DLL
[2012.01.12 23:05:32 | 000,070,656 | ---- | C] (Polar) -- C:\Windows\System32\polspell.dll
[2012.01.12 23:05:32 | 000,069,632 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\TwaBcu01.dll
[2012.01.12 23:05:32 | 000,036,352 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\Whelp.ILX
[2012.01.12 23:05:32 | 000,034,304 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfbmp10N.dll
[2012.01.12 23:05:31 | 001,888,744 | ---- | C] (Inprise Corporation) -- C:\Windows\System32\VCL40.BPL
[2012.01.12 23:05:31 | 000,266,752 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFCMP10N.DLL
[2012.01.12 23:05:31 | 000,231,424 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTDIS10N.dll
[2012.01.12 23:05:31 | 000,202,752 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\Illprs.dll
[2012.01.12 23:05:31 | 000,160,768 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\ILLKRN.DLL
[2012.01.12 23:05:31 | 000,134,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpng10N.dll
[2012.01.12 23:05:31 | 000,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltimg10N.dll
[2012.01.12 23:05:31 | 000,062,464 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\TWATBS.ILX
[2012.01.12 23:05:31 | 000,059,904 | ---- | C] (TEXTware A/S) -- C:\Windows\System32\ListBox.ILX
[2012.01.12 23:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\TEXTware
[2012.01.12 23:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Cambridge
[2012.01.11 11:25:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.11 11:25:55 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.11 11:25:55 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.11 11:19:37 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
[2012.01.11 11:05:10 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\VS Revo Group
[2012.01.11 11:05:04 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2012.01.11 11:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2012.01.11 11:05:02 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.01.10 12:17:09 | 000,000,000 | R--D | C] -- C:\Users\Jonas\Desktop\Audio, Foto, Video
[2012.01.07 02:42:12 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\{AE13AF1A-614F-4970-90E5-51EF50C3790D}
[2012.01.07 02:41:58 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\{88159739-006D-4B41-BB0D-5B9835DB502E}
[2012.01.06 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\KS Nachrichten
[2012.01.05 18:44:54 | 000,950,200 | RHS- | C] (ismail) -- C:\amtlib.dll
[2012.01.03 16:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012.01.03 12:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.03 12:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.03 12:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.03 12:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.01.03 12:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.01.03 12:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011.12.31 00:35:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eligium
[2011.12.31 00:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\Eligium
[2011.12.30 04:09:16 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\FOG Downloader
[2011.12.30 04:09:16 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\eligium_0_90_1_en
[2011.12.25 22:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.25 20:22:53 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.12.23 16:12:08 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\HpUpdate
[2011.12.23 16:11:42 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011.12.23 05:00:20 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\Opera
[2011.05.13 04:50:06 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.21 17:36:19 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.01.21 17:36:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.21 17:35:51 | 2411,929,600 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.21 17:35:50 | 121,483,576 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.19 02:25:50 | 000,251,544 | ---- | M] () -- C:\Windows\hpwins21.dat.temp
[2012.01.19 02:25:50 | 000,251,544 | ---- | M] () -- C:\Windows\hpwins21.dat
[2012.01.18 23:18:06 | 000,000,600 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\winscp.rnd
[2012.01.18 23:02:52 | 000,001,799 | ---- | M] () -- C:\Users\Jonas\Desktop\WinSCP.lnk
[2012.01.18 19:05:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.18 19:03:02 | 000,001,284 | ---- | M] () -- C:\Users\Public\Desktop\WinZip System Utilities Suite - Smart Scan.lnk
[2012.01.18 19:03:01 | 000,002,256 | ---- | M] () -- C:\Users\Public\Desktop\WinZip System Utilities Suite.lnk
[2012.01.18 17:31:34 | 086,971,166 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.01.18 17:31:03 | 000,212,725 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.01.18 10:24:44 | 000,010,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.18 10:24:44 | 000,010,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.18 10:18:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.16 22:39:27 | 000,311,808 | ---- | M] () -- C:\Windows\System32\StormLib.dll
[2012.01.15 13:44:23 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2012.01.15 13:44:23 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2012.01.13 11:24:06 | 002,294,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.01.12 23:06:27 | 000,000,351 | ---- | M] () -- C:\Windows\ADDICT.CFG
[2012.01.12 23:05:38 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\English Pronouncing Dictionary.lnk
[2012.01.12 23:05:38 | 000,000,063 | ---- | M] () -- C:\Windows\TEXTware.ini
[2012.01.12 22:01:26 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.01.12 15:01:03 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012.01.11 17:48:02 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.11 17:48:02 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.11 17:48:02 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.11 17:48:02 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.11 11:05:07 | 000,001,234 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2012.01.10 13:43:55 | 000,000,816 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.umbrella
[2012.01.10 13:43:55 | 000,000,816 | ---- | M] () -- C:\Users\Jonas\Desktop\hosts.umbrella
[2012.01.10 12:27:32 | 000,001,768 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012.01.07 05:06:24 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.01.04 21:06:45 | 000,018,458 | ---- | M] () -- C:\Users\Jonas\Documents\cc_20120104_210612.reg
[2012.01.04 18:40:21 | 000,007,605 | ---- | M] () -- C:\Users\Jonas\AppData\Local\Resmon.ResmonCfg
[2011.12.31 04:22:35 | 000,313,241 | ---- | M] () -- C:\Users\Jonas\Documents\www-geilefreundin-com.pdf
[2011.12.31 00:35:37 | 000,001,762 | ---- | M] () -- C:\Users\Jonas\Desktop\Eligium.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.19 02:33:50 | 000,251,544 | ---- | C] () -- C:\Windows\hpwins21.dat.temp
[2012.01.19 01:53:12 | 000,000,428 | ---- | C] () -- C:\Windows\hpwmdl21.dat.temp
[2012.01.18 23:02:52 | 000,001,799 | ---- | C] () -- C:\Users\Jonas\Desktop\WinSCP.lnk
[2012.01.18 23:02:52 | 000,000,600 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\winscp.rnd
[2012.01.18 21:13:07 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.01.18 21:12:42 | 121,483,576 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.01.18 19:03:02 | 000,001,284 | ---- | C] () -- C:\Users\Public\Desktop\WinZip System Utilities Suite - Smart Scan.lnk
[2012.01.18 19:03:01 | 000,002,256 | ---- | C] () -- C:\Users\Public\Desktop\WinZip System Utilities Suite.lnk
[2012.01.12 23:06:27 | 000,000,351 | ---- | C] () -- C:\Windows\ADDICT.CFG
[2012.01.12 23:05:38 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\English Pronouncing Dictionary.lnk
[2012.01.12 23:05:38 | 000,000,063 | ---- | C] () -- C:\Windows\TEXTware.ini
[2012.01.12 23:05:33 | 000,321,024 | ---- | C] () -- C:\Windows\System32\textwareilluminatorbaseProtocol.dll
[2012.01.12 23:05:33 | 000,091,648 | ---- | C] () -- C:\Windows\System32\IEBrowser.ILX
[2012.01.12 23:05:33 | 000,059,392 | ---- | C] () -- C:\Windows\System32\Bass.ILX
[2012.01.12 23:05:33 | 000,048,128 | ---- | C] () -- C:\Windows\System32\QFClient.ILX
[2012.01.12 23:05:33 | 000,017,408 | ---- | C] () -- C:\Windows\System32\WavRecpk4.bpl
[2012.01.12 23:05:32 | 000,360,500 | ---- | C] () -- C:\Windows\System32\TWATBS32.VBX
[2012.01.12 23:05:32 | 000,305,152 | ---- | C] () -- C:\Windows\System32\ASpell.ILX
[2012.01.12 23:05:32 | 000,258,048 | ---- | C] () -- C:\Windows\System32\TWABTE32.TBM
[2012.01.12 23:05:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\Twavbx32.dll
[2012.01.12 23:05:32 | 000,113,288 | ---- | C] () -- C:\Windows\System32\bass.dll
[2012.01.12 23:05:32 | 000,047,616 | ---- | C] () -- C:\Windows\System32\PolyHot.ILX
[2012.01.12 23:05:32 | 000,030,720 | ---- | C] () -- C:\Windows\System32\BroadCast.ILX
[2012.01.12 23:05:32 | 000,028,672 | ---- | C] () -- C:\Windows\System32\TwaBcu.ILX
[2012.01.12 23:05:32 | 000,018,432 | ---- | C] () -- C:\Windows\System32\TWAIED02.DLL
[2012.01.12 23:05:31 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ILXTBS.DLL
[2012.01.12 23:04:47 | 000,066,614 | ---- | C] () -- C:\Windows\System\Twaepd.bmp
[2012.01.12 22:01:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012.01.12 22:01:26 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.01.12 15:01:03 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012.01.11 11:05:07 | 000,001,234 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2012.01.10 13:43:49 | 000,000,816 | ---- | C] () -- C:\Users\Jonas\Desktop\hosts.umbrella
[2012.01.04 21:06:22 | 000,018,458 | ---- | C] () -- C:\Users\Jonas\Documents\cc_20120104_210612.reg
[2012.01.04 18:40:21 | 000,007,605 | ---- | C] () -- C:\Users\Jonas\AppData\Local\Resmon.ResmonCfg
[2011.12.31 04:22:35 | 000,313,241 | ---- | C] () -- C:\Users\Jonas\Documents\www-geilefreundin-com.pdf
[2011.12.31 00:35:45 | 000,001,762 | ---- | C] () -- C:\Users\Jonas\Desktop\Eligium.lnk
[2011.12.23 19:39:33 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011.12.09 15:31:38 | 000,251,544 | ---- | C] () -- C:\Windows\hpwins21.dat
[2011.10.30 17:00:16 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.10.30 17:00:16 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.10.23 23:10:01 | 000,311,808 | ---- | C] () -- C:\Windows\System32\StormLib.dll
[2011.09.14 09:13:18 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.09.14 09:12:10 | 000,020,227 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011.09.02 10:00:22 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.07.05 13:53:07 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.06.25 01:32:19 | 000,000,257 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\iPod Access v4 Prefs
[2011.06.25 01:24:45 | 000,000,046 | -H-- | C] () -- C:\Users\Jonas\AppData\Roaming\iPodAccessv4_OwnerName
[2011.06.25 01:24:45 | 000,000,046 | -H-- | C] () -- C:\ProgramData\iPodAccessv4_OwnerName
[2011.06.25 01:20:52 | 000,000,011 | -H-- | C] () -- C:\Users\Jonas\AppData\Roaming\iPodAccess_Time
[2011.06.18 16:10:18 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.06.06 17:34:05 | 000,138,056 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\PnkBstrK.sys
[2011.05.31 00:19:42 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.05.30 21:43:15 | 000,137,544 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.05.30 21:12:29 | 000,189,480 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.05.30 21:12:24 | 003,360,624 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011.05.30 21:12:24 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.05.29 15:52:07 | 000,111,104 | ---- | C] () -- C:\Windows\System32\Uharc.exe
[2011.05.29 15:52:07 | 000,008,636 | ---- | C] () -- C:\Windows\System32\modifype.exe
[2011.05.29 15:28:25 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.05.28 12:21:33 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.05.13 16:55:56 | 000,005,120 | ---- | C] () -- C:\Users\Jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.13 15:34:53 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011.05.12 19:33:06 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.05.12 19:33:06 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2011.05.12 19:33:06 | 000,000,074 | ---- | C] () -- C:\Windows\PidList.ini
[2011.05.12 19:31:03 | 000,090,772 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2011.05.12 19:31:03 | 000,000,536 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2011.05.12 19:31:03 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2011.05.12 19:31:03 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2011.05.12 19:31:03 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2011.05.12 19:31:03 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.11.06 12:03:31 | 000,000,428 | ---- | C] () -- C:\Windows\hpwmdl21.dat
[2009.07.14 09:47:43 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 002,294,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.03.12 11:32:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.02.13 01:50:52 | 000,097,792 | ---- | C] () -- C:\Windows\System32\INT15_64.dll
[2009.02.13 01:50:52 | 000,081,920 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.02.13 01:50:52 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2009.02.13 01:50:52 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2009.02.13 01:50:04 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009.02.11 21:03:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.02.11 21:03:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.02.11 21:03:57 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

< End of report >

Code:

OTL Extras logfile created on: 21.01.2012 17:43:52 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Jonas\Desktop\PC-Klinik
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 75,84% Memory free
5,99 Gb Paging File | 5,40 Gb Available in Paging File | 90,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 452,99 Gb Total Space | 48,70 Gb Free Space | 10,75% Space Free | Partition Type: NTFS
Drive E: | 7,55 Gb Total Space | 3,55 Gb Free Space | 47,06% Space Free | Partition Type: FAT32
 
Computer Name: HIGHENDMACHINE | User Name: Jonas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1DA193D3-BEC6-4FEF-89E3-D8F739216BFB}_is1" = Ashampoo Anti-Malware v.1.21
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{565A39D6-4FB0-4F35-A2AC-0DC66ACC3520}" = Fingerprint Solution
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{73370408-B80E-4509-B9AF-957E2E0F512F}_is1" = WinZip System Utilities Suite
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92975DF9-EA36-4F36-A9AC-D412BC1D709E}" = Nuvoton EC Generic HID Driver
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2F166A0-F031-4E27-A057-C69733219435}_is1" = Eligium
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.79.326
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D84EA2B7-F65E-43F3-9FB5-18B2162DBFA2}}_is1" = Stormblade Launcher 1.1
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0B0CC2B-D6B2-4D85-9620-FCAB8863DBE6}_is1" = Any Video-Audio Converter 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB32F52B-0D1C-4214-91A6-5B2DA15A5238}" = Ad-Aware
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"Ashampoo HDD Control_is1" = Ashampoo HDD Control 1.12
"Ashampoo MyAutoplay Menu_is1" = Ashampoo MyAutoplay Menu 1.0.5
"Ashampoo Slideshow Studio Elements_is1" = Ashampoo Slideshow Studio Elements 2.0.1
"Audacity_is1" = Audacity 1.2.6
"AutocompletePro3_is1" = AutocompletePro
"AVG" = AVG 2012
"AviSynth" = AviSynth 2.5
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms EU" = Combat Arms EU
"Diablo II" = Diablo II
"DivX Setup" = DivX-Setup
"EA Installer.1475696318" = EA Installer
"English Pronouncing Dictionary" = English Pronouncing Dictionary
"FileZilla Client" = FileZilla Client 3.5.2
"Free Audio Converter_is1" = Free Audio Converter version 2.2.19.602
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.0
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.2.19.602
"Free WAV to MP3 Converter" = Free WAV to MP3 Converter
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{565A39D6-4FB0-4F35-A2AC-0DC66ACC3520}" = Acer Bio Protection
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"iPod Access for Windows_is1" = iPod Access for Windows v4.4.1
"iTwin_is1" = iTwin 3.2 Final
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Basic)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MobileSyncBrowse_0" = MobileSyncBrowser 4.3.2
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Native Instruments Massive" = Native Instruments Massive
"NVIDIA Drivers" = NVIDIA Drivers
"phase-6" = phase-6 2.1.2.3a
"PunkBusterSvc" = PunkBuster Services
"RedEclipse" = RedEclipse
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Shop for HP Supplies" = Shop for HP Supplies
"Steam App 13140" = America's Army 3
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Panorama Factory" = Panorama Factory
"TS3 Overlay" = TS3 Overlay
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"winscp3_is1" = WinSCP 4.3.6
"World of Warcraft" = World of Warcraft
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"AVCWare Total Video Converter 6" = AVCWare Total Video Converter 6
"CopyTrans Suite" = Nur Entfernen der CopyTrans Suite möglich
"Diablo II" = Diablo II
"FoxTab Video Converter" = FoxTab Video Converter
"Game Organizer" = EasyBits GO
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11.01.2012 02:08:07 | Computer Name = HighEndMachine | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ePowerTray.exe, Version: 4.1.3016.0,
 Zeitstempel: 0x4a409dcb  Name des fehlerhaften Moduls: ePowerTray.exe, Version: 4.1.3016.0,
 Zeitstempel: 0x4a409dcb  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000ca46  ID des fehlerhaften
 Prozesses: 0xc2c  Startzeit der fehlerhaften Anwendung: 0x01ccd0276024a1d7  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
Berichtskennung:
 a10b2a36-3c1a-11e1-95de-001f16c0f078
 
Error - 11.01.2012 02:58:42 | Computer Name = HighEndMachine | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CopyTransControlCenter.exe, Version:
 2.2.7.0, Zeitstempel: 0x00000000  Name des fehlerhaften Moduls: unknown, Version:
 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000
ID
 des fehlerhaften Prozesses: 0x14a4  Startzeit der fehlerhaften Anwendung: 0x01ccd02e6b9b350e
Pfad
 der fehlerhaften Anwendung: C:\Users\Jonas\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: b1e1eec5-3c21-11e1-95de-001f16c0f078
 
Error - 11.01.2012 03:05:14 | Computer Name = HighEndMachine | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CopyTransManager.exe, Version: 0.9.5.2,
 Zeitstempel: 0x00000000  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00010b3c  ID des fehlerhaften
 Prozesses: 0x8d4  Startzeit der fehlerhaften Anwendung: 0x01ccd02f5bee6fe6  Pfad der
 fehlerhaften Anwendung: C:\Users\Jonas\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 9b76d60f-3c22-11e1-95de-001f16c0f078
 
Error - 11.01.2012 03:07:47 | Computer Name = HighEndMachine | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CopyTransManager.exe, Version: 0.9.5.2,
 Zeitstempel: 0x00000000  Name des fehlerhaften Moduls: CopyTransManager.exe, Version:
 0.9.5.2, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x012a165b
ID
 des fehlerhaften Prozesses: 0xb24  Startzeit der fehlerhaften Anwendung: 0x01ccd02faeadcb59
Pfad
 der fehlerhaften Anwendung: C:\Users\Jonas\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Jonas\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
Berichtskennung:
 f6c97677-3c22-11e1-95de-001f16c0f078
 
Error - 11.01.2012 03:09:44 | Computer Name = HighEndMachine | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CopyTransManager.exe, Version: 0.9.5.2,
 Zeitstempel: 0x00000000  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00010927  ID des fehlerhaften
 Prozesses: 0x1144  Startzeit der fehlerhaften Anwendung: 0x01ccd02ffa58e50b  Pfad der
 fehlerhaften Anwendung: C:\Users\Jonas\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 3c840926-3c23-11e1-95de-001f16c0f078
 
Error - 11.01.2012 03:10:15 | Computer Name = HighEndMachine | Source = Application Hang | ID = 1002
Description = Programm Install_CopyTrans_Suite.exe, Version 2.3.3.0 kann nicht mehr
 unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
 in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 670    Startzeit: 01ccd02f9a075caf    Endzeit: 687    Anwendungspfad:
 C:\Users\Jonas\Downloads\Install_CopyTrans_Suite.exe    Berichts-ID:   
 
Error - 11.01.2012 03:12:49 | Computer Name = HighEndMachine | Source = Application Hang | ID = 1002
Description = Programm CopyTransControlCenter.exe, Version 2.3.3.0 kann nicht mehr
 unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
 in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1380    Startzeit: 01ccd030208f4b30    Endzeit: 141    Anwendungspfad:
 C:\Users\Jonas\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe

Berichts-ID:
 a81dd1e1-3c23-11e1-95de-001f16c0f078  
 
Error - 11.01.2012 04:46:19 | Computer Name = HighEndMachine | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.01.2012 04:47:35 | Computer Name = HighEndMachine | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ePowerTray.exe, Version: 4.1.3016.0,
 Zeitstempel: 0x4a409dcb  Name des fehlerhaften Moduls: ePowerTray.exe, Version: 4.1.3016.0,
 Zeitstempel: 0x4a409dcb  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000ca46  ID des fehlerhaften
 Prozesses: 0x1084  Startzeit der fehlerhaften Anwendung: 0x01ccd03da7516847  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
Berichtskennung:
 e830cc85-3c30-11e1-9567-001f16c0f078
 
Error - 11.01.2012 06:17:11 | Computer Name = HighEndMachine | Source = VSS | ID = 8194
Description = 
 
[ System Events ]
Error - 21.01.2012 12:36:14 | Computer Name = HighEndMachine | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 21.01.2012 12:36:15 | Computer Name = HighEndMachine | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 21.01.2012 12:36:15 | Computer Name = HighEndMachine | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 21.01.2012 12:36:15 | Computer Name = HighEndMachine | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Avgldx86  Avgmfx86  discache  mwlPSDFilter  mwlPSDNServ  mwlPSDVDisk  spldr  Wanarpv6
 
Error - 21.01.2012 12:36:21 | Computer Name = HighEndMachine | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 21.01.2012 12:36:27 | Computer Name = HighEndMachine | Source = DCOM | ID = 10005
Description = 
 
Error - 21.01.2012 12:36:39 | Computer Name = HighEndMachine | Source = DCOM | ID = 10005
Description = 
 
Error - 21.01.2012 12:36:49 | Computer Name = HighEndMachine | Source = DCOM | ID = 10005
Description = 
 
Error - 21.01.2012 12:36:49 | Computer Name = HighEndMachine | Source = DCOM | ID = 10005
Description = 
 
Error - 21.01.2012 12:36:50 | Computer Name = HighEndMachine | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >

**kira** · 22.01.2012, 07:06

1.
Windows und die installierten Programme auf den neuesten Stand zu halten,sind Garanten für eine erhöhte Sicherheit!
Adobe Reader aktualisieren :
Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen!
Adobe Reader
oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

2.
Java aktualisieren- über Systemsteuerung-> Nach Update suchen...
Deine Javaversion ist nicht aktuell.
Downloade nun die Offline-Version von Java Version Java 7 von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen.

3.
Öffne CCleaner - Anleitung CCleaner

"Cleaner"->"Analysieren"->Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"-> "Fehler beheben"->"Alle beheben"
Starte dein System neu auf

4.
Systemreinigung und Prüfung:
Anleitung:-> Grundreinigung mit SUPERAntiSpyware

5.
♦ Schon seit langem gehört "Worm.Win32.Autorun" zu den beliebtesten Verbreitungswegen von Viren, sollte man daher, die auf dem Speichermedium gesicherten Daten (wie USB-Stick/Festplatte und andere) zeitweise prüfen lassen
♦ Also schließe jetzt alle externe Datenträgeran Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

6.
ESET Online Scanner
Achtung!:
Keinen andere Virenscanner auf Deinem PC installieren, sondern dein PC NUR online scannen!!!
♦ Prüfe Deinen Rechner jetzt, auf Viren, Trojaner, Würmer und anderen Schadcode, mit dem kostenlosen Online Virenscanner von:

► Eset/Nod32 bitte auswählen!!!-> Link und Anleitung zum ESET/NOD32 online Scanner-> Kostenlose Online Scanner

♦ Poste bitte das Protokoll

7.

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript (unverändert inkl. :OTL):

Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0511&m=aspire_7738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.21 15:29:11 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
O4 - HKLM..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4e3df6e7-ca57-11e0-8602-001f16c0f078}\Shell - "" = AutoRun
O33 - MountPoints2\{4e3df6e7-ca57-11e0-8602-001f16c0f078}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{54780da7-cc1b-11e0-8263-001f16c0f078}\Shell - "" = AutoRun
O33 - MountPoints2\{54780da7-cc1b-11e0-8263-001f16c0f078}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e31aba9f-c70e-11e0-860a-001f16c0f078}\Shell - "" = AutoRun
O33 - MountPoints2\{e31aba9f-c70e-11e0-860a-001f16c0f078}\Shell\AutoRun\command - "" = F:\Autorun.exe
[2012.01.21 17:36:19 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.01.18 19:05:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.18 10:18:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

► Empfehlungen/Vorschläge:

8.

Ad-Aware

- würde ich nicht mehr empfehlen, da erfüllt nicht die neue Schutzanforderungen und Lösungen Schutz vor Malware bzw gegenüber ganz neuen Herausforderungen arbeitet nicht zufriedenstellend
meiner Meinung nach bietet nicht mehr ausreichenden Schutz gegen "moderne Malwarearten"...

9.
An deiner Stelle würde ich aus dem Autostart folgende Programme rausnehmen:
Beim Hochfahren von Windows werden einige Programme mit gestartet, die sich (mit oder ohne Zustimmung des Users) im Autostart eingetragen haben
Je mehr Programme hier aufgeführt sind, umso langsamer startet Windows. Deshalb kann es sinnvoll sein, Software die man nicht unbedingt immer benötigt, aus dem Autostart zu entfernen.- Bei allem Häkchen weg was nicht starten soll.
Die Programme bleiben dabei erhalten, falls man braucht, kann jederzeit manuell gestartet werden!

Code:

Du solltest nie deaktivieren :
Grafiktreibers
Firewall
Antivirenprogramm
Sound

Es ist immer Benutzerspezifisch (ein allgemein gültiges Rezept gibt es nicht), Tipps kann ich Dir geben

um den Autostart von Windows XP zu verwalten:-> "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart
► "Start -> Alle Programme-> Zubehör-> Ausführen" .. und gibst Du "msconfig" (ohne "") ein ->OK

(Autostart-Einträge, die Du nicht findest, einfach mit HijackThis fixen:
Alle Programme, Browser etc schließen→ HijackTis starten→ "Do a system scan only" anklicken→ Eintrag auswählen→ "Fix checked"klicken→ PC neu aufstarten
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen [/size]
um den Autostart von Windows XP zu verwalten:-> "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart

Schwarz gefärbten - kannst ohne bedenken aus dem Autostart herausnehmen
Rot gefärbten - überlegenswert (wenn nicht ständig v System u. von Dir benötigt), ob beim Autostart hochfahren sollten

Code:

O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Scrub2k] C:\Windows\HPOJP8000A809\scrub2k.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')

Achtung!:
Für die aufgelisteten Programme gelten zusätzlich, dass man nach Aktualisierung (AfterUpdate) erneut unter Start und Dienste nachkontrollieren muss!

10.
poste erneut - nach der vorgenommenen Reinigungsaktion:
TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!
► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen...(Wista und WIN 7)

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

**groovykay** · 22.01.2012, 12:50

1. Wenn ich versuche, den Reader zu updaten, kommt wieder diese Fehlermeldung, die auch kam als ich die Toolbar deinstallieren wollte:

Name: installerERROR.png
Hits: 363
Größe: 9,4 KB

Name: installerERROR.png
Hits: 363
Größe: 9,4 KB

2. Auch selbe Fehlermeldung beim Deinstallieren des alten java, habs wieder manuell gemacht. Neues Java runtergeladen, wieder dieselbe Fehlermeldung. Seltsamerweise konnte ich aber FileZilla vorhin problemlos updaten...

3. Da 1 und 2 nicht gingen, mach ich mit 3 weiter, wobei ich grad überlege, ob ich den PC komplett neu aufsetze. Ccleaner läuft gerade...

**kira** · 22.01.2012, 17:19

Da dein Rechner vorher schon mal von diesem Virus "kinox.to" befallen war, vlt nicht ganz verkehrt, mal die Festplatte zu formatieren und Windows neu einrichten:-> http://de.wikipedia.org/wiki/Technische_Kompromittierung]*klick* - Technische Kompromittierung[/url]
ich würde an deiner Stelle machen, nur so kannst Du sicher sein, dass dein Speicher 100%ig sauber ist...

**kira** · 31.01.2012, 09:11

Datensicherung - Nur auf die nicht verzichten kannst:
Vorsicht mit den schon vorhandenen Dateien auf die extern gespeicherten Daten und auch jetzt mit dem Virus infizierte Dateien eine Datensicherung anzufertigen
** Empfehle ich Dir NUR Daten sichern, die nicht ausführbaren Dateien enthalten - Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können.
Am besten alles was dir sehr wichtig, separat (extern) sichern - nicht mischen eventuell früher geschicherten Daten, also vor dem Befall!

die Sicherung wieder zurückspielen:
- die Autoplay-Funktion für alle Laufwerke deaktivieren/ausschalten -> Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten
- extern gesicherte Daten-Datenträger anschließen, gründlich scannen lassen von einem suaberen System aus, am besten mit mehreren Scannern-> Kostenlose Online Scanner - Anleitung

- Alle Passwörter, die auf dem kompromittierten System verwendet wurden (also z.B. Login-, Mail- oder Website-Passwörter, aber auch die PIN für das Online-Banking) sofort ändern ( am besten von einem anderen, nicht-infizierten Rechner aus! )

Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

► Neuaufsetzen (Windows XP, Vista und Windows 7) - Anleitungen
► Nachsorge

gruß
kira

Thema: BSOD: CRITICAL_SERVICE_FAILED

Themen-Optionen

BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

AW: BSOD: CRITICAL_SERVICE_FAILED

Aktive Benutzer

Aktive Benutzer

Ähnliche Themen

Windows 7 Repetition BSOD Hijackthis rapport

Windows Vista BSOD and failing to run internet browsers

Hammer Rootkit, popups, reroutes, in safemode, bsod ...

Bsod

Berechtigungen