Viren? Dldr.small.ck; EXP/12-0507.AM.2 ...

[siddharta01]

Hallo ih Lieben!

Habe von Avira sieben verschiedene Virenmeldungen erhalten und frage mich jetzt, ob das
ernsthafte Infektionen sein könnten. Habe keine Veränderungen an meinem System gemerkt. Habe
die empfohlenen scans durchgeführt, aber hjscanlist hat nicht funktioniert - da stand of während des
scans "zugriff verweigert" und die Ergebnis-txt-Datei war leer. Hier die einzelnen scans:

Avira-Scan:

Code:

Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Donnerstag, 24. Mai 2012  14:34

Es wird nach 3745369 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows Vista
Windowsversion : (Service Pack 2)  [6.0.6002]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : ***-PC

Versionsinformationen:
BUILD.DAT      : 10.2.0.707     36070 Bytes  25.01.2012 12:53:00
AVSCAN.EXE     : 10.3.0.7      484008 Bytes  18.08.2011 18:13:48
AVSCAN.DLL     : 10.0.5.0       57192 Bytes  18.08.2011 18:13:48
LUKE.DLL       : 10.3.0.5       45416 Bytes  18.08.2011 18:13:49
LUKERES.DLL    : 10.0.0.0       13672 Bytes  14.01.2010 10:59:47
AVSCPLR.DLL    : 10.3.0.7      119656 Bytes  18.08.2011 18:13:50
AVREG.DLL      : 10.3.0.9       88833 Bytes  18.08.2011 18:13:49
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 09:26:17
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 19:24:58
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 16:45:26
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  01.02.2012 18:48:19
VBASE004.VDF   : 7.11.26.44   4329472 Bytes  28.03.2012 19:18:05
VBASE005.VDF   : 7.11.29.136  2166272 Bytes  10.05.2012 12:32:04
VBASE006.VDF   : 7.11.29.137     2048 Bytes  10.05.2012 12:32:04
VBASE007.VDF   : 7.11.29.138     2048 Bytes  10.05.2012 12:32:04
VBASE008.VDF   : 7.11.29.139     2048 Bytes  10.05.2012 12:32:04
VBASE009.VDF   : 7.11.29.140     2048 Bytes  10.05.2012 12:32:04
VBASE010.VDF   : 7.11.29.141     2048 Bytes  10.05.2012 12:32:04
VBASE011.VDF   : 7.11.29.142     2048 Bytes  10.05.2012 12:32:05
VBASE012.VDF   : 7.11.29.143     2048 Bytes  10.05.2012 12:32:05
VBASE013.VDF   : 7.11.29.144     2048 Bytes  10.05.2012 12:32:05
VBASE014.VDF   : 7.11.30.3     198144 Bytes  14.05.2012 12:32:06
VBASE015.VDF   : 7.11.30.69    186368 Bytes  17.05.2012 12:32:07
VBASE016.VDF   : 7.11.30.143   223744 Bytes  21.05.2012 12:32:07
VBASE017.VDF   : 7.11.30.207   287744 Bytes  23.05.2012 12:32:08
VBASE018.VDF   : 7.11.30.208     2048 Bytes  23.05.2012 12:32:09
VBASE019.VDF   : 7.11.30.209     2048 Bytes  23.05.2012 12:32:09
VBASE020.VDF   : 7.11.30.210     2048 Bytes  23.05.2012 12:32:09
VBASE021.VDF   : 7.11.30.211     2048 Bytes  23.05.2012 12:32:09
VBASE022.VDF   : 7.11.30.212     2048 Bytes  23.05.2012 12:32:09
VBASE023.VDF   : 7.11.30.213     2048 Bytes  23.05.2012 12:32:09
VBASE024.VDF   : 7.11.30.214     2048 Bytes  23.05.2012 12:32:10
VBASE025.VDF   : 7.11.30.215     2048 Bytes  23.05.2012 12:32:10
VBASE026.VDF   : 7.11.30.216     2048 Bytes  23.05.2012 12:32:10
VBASE027.VDF   : 7.11.30.217     2048 Bytes  23.05.2012 12:32:10
VBASE028.VDF   : 7.11.30.218     2048 Bytes  23.05.2012 12:32:10
VBASE029.VDF   : 7.11.30.219     2048 Bytes  23.05.2012 12:32:10
VBASE030.VDF   : 7.11.30.220     2048 Bytes  23.05.2012 12:32:10
VBASE031.VDF   : 7.11.30.234    27648 Bytes  24.05.2012 12:32:11
Engineversion  : 8.2.10.68 
AEVDF.DLL      : 8.1.2.2       106868 Bytes  29.10.2011 13:13:36
AESCRIPT.DLL   : 8.1.4.19      455034 Bytes  24.05.2012 12:32:20
AESCN.DLL      : 8.1.8.2       131444 Bytes  28.01.2012 12:24:51
AESBX.DLL      : 8.2.5.5       606579 Bytes  13.03.2012 18:34:36
AERDL.DLL      : 8.1.9.15      639348 Bytes  09.09.2011 18:27:32
AEPACK.DLL     : 8.2.16.13     807287 Bytes  24.05.2012 12:32:19
AEOFFICE.DLL   : 8.1.2.28      201082 Bytes  30.04.2012 12:37:44
AEHEUR.DLL     : 8.1.4.28     4800886 Bytes  24.05.2012 12:32:18
AEHELP.DLL     : 8.1.21.0      254326 Bytes  24.05.2012 12:32:11
AEGEN.DLL      : 8.1.5.28      422260 Bytes  30.04.2012 12:37:30
AEEXP.DLL      : 8.1.0.40       82292 Bytes  24.05.2012 12:32:20
AEEMU.DLL      : 8.1.3.0       393589 Bytes  06.12.2010 15:29:10
AECORE.DLL     : 8.1.25.6      201078 Bytes  16.03.2012 14:56:23
AEBB.DLL       : 8.1.1.0        53618 Bytes  24.04.2010 13:22:54
AVWINLL.DLL    : 10.0.0.0       19304 Bytes  28.03.2011 14:14:57
AVPREF.DLL     : 10.0.3.2       44904 Bytes  18.08.2011 18:13:48
AVREP.DLL      : 10.0.0.10     174120 Bytes  18.08.2011 18:13:50
AVARKT.DLL     : 10.0.26.1     255336 Bytes  18.08.2011 18:13:48
AVEVTLOG.DLL   : 10.0.0.9      203112 Bytes  18.08.2011 18:13:48
SQLITE3.DLL    : 3.6.19.0      355688 Bytes  17.06.2010 13:27:02
AVSMTP.DLL     : 10.0.0.17      63848 Bytes  28.03.2011 14:14:57
NETNT.DLL      : 10.0.0.0       11624 Bytes  28.03.2011 14:15:04
RCIMAGE.DLL    : 10.0.0.35    2589544 Bytes  18.08.2011 18:13:44
RCTEXT.DLL     : 10.0.64.0      98664 Bytes  18.08.2011 18:13:44

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: ignorieren
Sekundäre Aktion......................: umbenennen
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, F:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Optimierter Suchlauf..................: ein
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Donnerstag, 24. Mai 2012  14:34

Der Suchlauf nach versteckten Objekten wird begonnen.
c:\adsm_pdata_0150\dragwait.exe
c:\adsm_pdata_0150\dragwait.exe
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\adsm_pdata_0150\_avt
c:\adsm_pdata_0150\_avt
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\adsm_pdata_0150\db\si.db
c:\adsm_pdata_0150\db\si.db
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\adsm_pdata_0150\db\ul.db
c:\adsm_pdata_0150\db\ul.db
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\adsm_pdata_0150\db\vl.db
c:\adsm_pdata_0150\db\vl.db
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\adsm_pdata_0150\db\wal.db
c:\adsm_pdata_0150\db\wal.db
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\adsm_pdata_0150\db\_avt
c:\adsm_pdata_0150\db\_avt
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\program files\asus\asus data security manager\driver\x86\asdsm.sys
c:\program files\asus\asus data security manager\driver\x86\asdsm.sys
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\program files\asus\asus data security manager\driver\x86\_avt
c:\program files\asus\asus data security manager\driver\x86\_avt
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\users\***\gesicherte musik\_avt
c:\users\***\gesicherte musik\_avt
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\users\***\gesicherte musik\_lit
c:\users\***\gesicherte musik\_lit
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\users\***\gesichertes dokument\_avt
c:\users\***\gesichertes dokument\_avt
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\users\***\gesichertes dokument\_lit
c:\users\***\gesichertes dokument\_lit
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\users\***\gesichertes video\_avt
c:\users\***\gesichertes video\_avt
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\users\***\gesichertes video\_lit
c:\users\***\gesichertes video\_lit
  [HINWEIS]   Die Datei ist nicht sichtbar.
c:\adsm_pdata_0150
c:\adsm_pdata_0150
  [HINWEIS]   Das Verzeichnis ist nicht sichtbar.
c:\adsm_pdata_0150\db
c:\adsm_pdata_0150\db
  [HINWEIS]   Das Verzeichnis ist nicht sichtbar.
c:\program files\asus\asus data security manager\driver\x86
c:\program files\asus\asus data security manager\driver\x86
  [HINWEIS]   Das Verzeichnis ist nicht sichtbar.
c:\users\***\gesicherte musik
c:\users\***\gesicherte musik
  [HINWEIS]   Das Verzeichnis ist nicht sichtbar.
c:\users\***\gesichertes dokument
c:\users\***\gesichertes dokument
  [HINWEIS]   Das Verzeichnis ist nicht sichtbar.
c:\users\***\gesichertes video
c:\users\***\gesichertes video
  [HINWEIS]   Das Verzeichnis ist nicht sichtbar.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'plugin-container.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPHelper.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '169' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehmsas.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'WDC.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'KBFiltr.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'ATKOSD.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACEngSvr.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpgs2wnf.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'phonostarTimer.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehtray.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASScrPro.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASUSTPE.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'DMedia.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'ADSMTray.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtHDVCpl.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACMON.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'BatteryLife.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'aspg.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'wcourier.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ATKOSD2.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'MsgTranAgt.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'HControlUser.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'Hcontrol.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'ALU.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'sensorsrv.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '133' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'VMCService.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'AssistantServices.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'DVMExportService.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'LSSrvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMSServerForPDVD11.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMSMonitorService.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLHNServiceForPowerDVD.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'GFNEXSrv.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASLDRSrv.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'ADSMSrv.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '152' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Untersuchung der Systemdateien wird begonnen:
Signiert -> 'C:\Windows\system32\svchost.exe'
Signiert -> 'C:\Windows\system32\winlogon.exe'
Signiert -> 'C:\Windows\explorer.exe'
Signiert -> 'C:\Windows\system32\smss.exe'
Signiert -> 'C:\Windows\system32\wininet.DLL'
Signiert -> 'C:\Windows\system32\wsock32.DLL'
Signiert -> 'C:\Windows\system32\ws2_32.DLL'
Signiert -> 'C:\Windows\system32\services.exe'
Signiert -> 'C:\Windows\system32\lsass.exe'
Signiert -> 'C:\Windows\system32\csrss.exe'
Signiert -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signiert -> 'C:\Windows\system32\spoolsv.exe'
Signiert -> 'C:\Windows\system32\alg.exe'
Signiert -> 'C:\Windows\system32\wuauclt.exe'
Signiert -> 'C:\Windows\system32\advapi32.DLL'
Signiert -> 'C:\Windows\system32\user32.DLL'
Signiert -> 'C:\Windows\system32\gdi32.DLL'
Signiert -> 'C:\Windows\system32\kernel32.DLL'
Signiert -> 'C:\Windows\system32\ntdll.DLL'
Signiert -> 'C:\Windows\system32\ntoskrnl.exe'
Signiert -> 'C:\Windows\system32\ctfmon.exe'
Die Systemdateien wurden durchsucht ('21' Dateien)

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'D:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'F:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1341' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <VistaOS>
C:\Users\***\AppData\Local\Temp\jar_cache4692600414266073803.tmp
  [0] Archivtyp: ZIP
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 56d89f15.qua erstellt ( QUARANTÄNE )
  --> Etui.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Small.CK
  --> ica.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/12-0507.AM.2
  --> nee.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/08-5353.AJ
  --> ovm.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/JAVA.Ternub.Gen
  --> tyu.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/11-3544.FB
  --> ulk.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/JAVA.Ternub.Gen
  --> yte.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Small.CL
Beginne mit der Suche in 'D:\' <DATA>
Beginne mit der Suche in 'F:\' <Volume>


Ende des Suchlaufs: Donnerstag, 24. Mai 2012  17:04
Benötigte Zeit:  2:30:13 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  40318 Verzeichnisse wurden überprüft
 1065207 Dateien wurden geprüft
      7 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 1065200 Dateien ohne Befall
   5244 Archive wurden durchsucht
      0 Warnungen
     22 Hinweise
 965525 Objekte wurden beim Rootkitscan durchsucht
     21 Versteckte Objekte wurden gefunden

hijackthis:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:49:56, on 25.05.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\phonostar-Player\phonostarTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.linkury.com/newtab.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - (no file)
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [phonostar-PlayerTimer] "C:\Program Files\phonostar-Player\phonostarTimer.exe"
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI832F~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: DVM Meta Data Export Service (MDES) - DeviceVM - C:\ASUS.SYS\DVMExportService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RMWPService - Apache Software Foundation - C:\Program Files\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Mobile Partner Manager\AssistantServices.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 10442 bytes

OTL:

Code:

OTL Extras logfile created on: 24.05.2012 19:15:57 - Run 1
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,39% Memory free
6,20 Gb Paging File | 4,86 Gb Available in Paging File | 78,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 138,00 Gb Free Space | 59,26% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 119,13 Gb Free Space | 53,87% Space Free | Partition Type: NTFS
Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 455,05 Gb Free Space | 97,70% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft OfficeXp\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft OfficeXp\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLCblueray\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLCblueray\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00314F2A-E40A-4061-87F5-CE2FF1D99872}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{08988F40-DF08-44A5-B64A-85C4CA27078C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{0F311C91-4EAC-4A53-B3DD-64B67F1CDD72}" = rport=445 | protocol=6 | dir=out | app=system | 
"{21982B59-3185-483E-9B3B-1DE1201C41D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{24472726-077A-481D-B9F3-5CBE68B81589}" = lport=138 | protocol=17 | dir=in | app=system | 
"{39B62F5F-0BBC-444D-B60B-A129D94A2649}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{3C53F47E-AD5E-470C-91D7-5F8CD593CA93}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{49856363-5B4E-45BD-B934-56A1A1E4D4F9}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{60E20FA4-471F-493B-AC53-7EBC70497B8D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{61A3CB33-73B2-42CD-AD55-0F92A7D512CE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{6227544C-3A9C-48D1-8E95-0DC08BA9026D}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{69C1105B-B2D2-4348-9E68-991EAB7808D9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{6D115A2A-D13B-430B-8C09-0EFDD6CAAB9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8A010C35-ACAE-4CBB-A3EC-E55C042811BC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8C3C01BA-7032-4CA8-938C-3FADB5995A39}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\rpcagentsrv.exe | 
"{A3035336-7A73-4F0C-BD03-E03647156D35}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A95C92B4-1A6C-4AB0-A9B4-D9DEC7A60E21}" = rport=137 | protocol=17 | dir=out | app=system | 
"{AD2C0C0A-01A2-48F7-8419-7CDA655440F1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{B8C47D09-9FE9-4093-A9C9-724A5EC5841D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C680A807-3466-42EE-A88B-AFB24A4DFDCE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{C72E63FF-C52F-448E-878F-451ED3916170}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C87BD488-31B4-476C-A773-0755D334339B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CD1283B9-6447-4A20-BF94-D271930AF98F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{D0531F20-AD3C-4D02-890C-B7DD44494710}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{D382D1FD-B4C1-4082-8862-32BCD31B07CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D43ED587-120B-4A1E-BC79-11388A3650B5}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D4695925-1440-4497-AAA4-56AB48C146B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E9DC357D-9DF6-4E4B-838E-CEB7D4B5EA07}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F436C566-AA9E-4C14-A01B-7ACD2D506BD6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{F8DF85B2-EB8D-4FE9-B8D2-1D63203CF71D}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{072B4045-623C-48E5-A7D6-DAB65CB2BE76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{08A42082-FF43-4826-A31A-A59B61AB9FAE}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe | 
"{0AEB36D3-C19C-455F-9A06-835C53C224B3}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe | 
"{0F453290-670C-4DBC-8B04-74315407BA72}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe | 
"{10422751-A2B5-401E-ADB4-40FF76DBDDC8}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{1A782211-F135-49B3-B975-926CA5864872}" = dir=in | app=c:\program files\cyberlink\powerdvd11\powerdvd11.exe | 
"{225C00AE-1BFB-407D-9E90-905D01723B30}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{2732CF4D-CD62-4A99-AA4F-F74D4EBD77F6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2BFA74AB-3967-40D7-BF55-D8BFD53B8C4F}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{2C9BC4DC-5763-49AD-8AC1-080E9C37EF1D}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{30F49C9E-FD9D-40D4-B6CA-F7489D8F9FD5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{3AEBAD32-3F28-481B-9A53-24771732FD6A}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{40A3B424-2CB9-41BC-A85B-0F3DABF2674B}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{410DDD05-8537-4C22-AC23-3B4B806EB11E}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{59407F72-ECB6-4070-8BB8-7B61BB47374A}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{715EA083-68C8-4E5E-9CE3-83D5F05F8028}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{75BD6FCE-F412-4979-A36C-BE77C14433B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{80D7A3F0-C170-4D34-B66B-A75B03701099}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{89A89B76-8C53-4174-BEB1-662D74570C2F}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{97257A9E-B9FF-46BA-8165-BBCA5287718B}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{9D4F2DB8-9A10-4389-9129-05910538F54A}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\rpcagentsrv.exe | 
"{9EFE1365-79AA-48B5-8D06-E334089EE72E}" = dir=in | app=c:\program files\cyberlink\powerdvd11\common\mediaserver\clmsserverforpdvd11.exe | 
"{9F570117-2525-4AE7-9927-B3BC069EC6A7}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe | 
"{A07D750D-641B-4AD0-9EFC-255728B56D0D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{A2B83277-13C5-4810-BE3A-97F819BB10B8}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{AAEC1112-DBB8-413B-B9CA-DE04D9F06A01}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\powerdvd cinema\powerdvdcinema11.exe | 
"{B20F92DF-721B-42A0-A83F-D3E5EBD497C6}" = dir=in | app=c:\program files\cyberlink\powerdvd11\pdvd11serv.exe | 
"{C0077E66-9DA5-41BB-AA53-635DEEDB8195}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D52EB0A4-6EB2-403C-A245-339415BE5262}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{E9C3C253-D212-40FC-884D-04B7CA9E2FCC}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe | 
"{ED51510F-53B3-452B-84C3-5275BD9299F1}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"TCP Query User{0B923A8C-5BC0-400E-90DC-4B29703A00AA}C:\users\***\appdata\local\radiosure\radiosure.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\radiosure\radiosure.exe | 
"TCP Query User{36E5536E-CD2C-4474-B1F9-84B4031A0174}C:\program files\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"TCP Query User{45E9E4AA-03BF-4891-8B61-E6411E4B5917}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{5CBD3EB1-97CB-4E98-9227-A3B6C91AD461}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{5D629FDB-23B0-427C-B520-D622676C8C29}C:\program files\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"TCP Query User{5EEBFFC4-C897-4D31-9F3E-96522A625A67}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{636E678C-F991-4D9D-A020-710B09233778}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{751D1AFC-BAC0-4A6F-AA70-2F40970339E0}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{AAFAAF42-C900-4E89-8DBA-5029F74D7C72}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{AB07017E-06EA-4B27-84C2-0CDB90D01EEB}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | 
"TCP Query User{D1BDA1B4-7A6B-4C85-B65B-2E1FCD8C32C5}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{D5EF1DC5-386E-43D0-A229-7239F988C984}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | 
"TCP Query User{E452B15D-5D13-4CB9-84C5-EFC4D9C1BF9B}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{F887FA42-BE85-4B99-A7C9-BDEB26FC52D3}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{023EE6BC-E56A-487C-93F8-713B414F8B97}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{05CA6B36-F35A-4529-AC63-ABEE008EDA55}C:\program files\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"UDP Query User{1188CCB1-97A3-4366-936C-ABDEB4A4AE6C}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{14544B85-3676-4FF4-8641-7E7584768C14}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | 
"UDP Query User{20449CDB-278E-45C5-B010-D1B31CF0C054}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{226843DE-23E4-4553-AC72-461023575057}C:\program files\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"UDP Query User{348FF0AD-641E-4BA2-A33A-592F9A5F4DC2}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{38EB0727-1270-4997-9229-4CEAA7BE74A1}C:\users\***\appdata\local\radiosure\radiosure.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\radiosure\radiosure.exe | 
"UDP Query User{6DAEB697-8627-4E10-94A9-7FDA9F8BA448}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | 
"UDP Query User{781C8710-6AE4-4559-83FF-D3C3D3F87D73}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{8398616B-67F4-48CA-86A9-783F6D81B276}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{B8FDE6B0-4922-4F33-86BC-C20F58C70B22}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{C1F20795-F047-4755-8EEC-20A1957914FC}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{E6AC3C4D-9A87-435E-8BE0-8BCBC4EF638E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005B94DC-2954-CC01-27C4-2D369D037EE0}" = CCC Help Polish
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{024AA2AC-FFA9-1806-6BB5-B7725E81B133}" = CCC Help Greek
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{067CA42C-B66D-9995-041D-39A998AC0DB9}" = CCC Help Japanese
"{078B7B83-4F8E-30F3-1F6C-27CB7A58B34F}" = CCC Help Portuguese
"{07AD1E36-8AF3-54AA-3ADF-757FF315BA0B}" = Catalyst Control Center Graphics Previews Vista
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0849C3F0-2084-8CBF-3C7C-ADBBE2F4C885}" = Catalyst Control Center InstallProxy
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0C3D4387-58C3-03FA-9250-E80587ED1970}" = Catalyst Control Center Localization French
"{0C8EBB00-4909-459C-8347-B2068B7F0319}" = CyberLink DVD Menu Template Pack
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{0EE024E4-7A22-5C59-CB86-D2163B4A5940}" = Catalyst Control Center Graphics Full Existing
"{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}" = Dolby Control Center
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12E6E331-91E3-2964-5E42-FD5101EC1924}" = Skins
"{13303431-D0FE-AA95-BEBB-DD936E89129D}" = CCC Help French
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{179AF346-87A7-047D-3034-08D379B06512}" = Catalyst Control Center Localization Danish
"{180C2A98-E757-3FE1-9118-3106F696AD64}" = CCC Help Finnish
"{1821904F-DAD2-ADF5-8F1C-32AA87DA9099}" = CCC Help Thai
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1B003CCD-DD4C-C45A-5E64-CF2F677735E4}" = Catalyst Control Center Localization Hungarian
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20E2C98F-37F6-3AEE-3EEB-0817E40C1B5E}" = Catalyst Control Center Localization Thai
"{214B35FA-D554-BA98-C46D-8543CE723D59}" = Catalyst Control Center Localization Turkish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23990464-BE2A-1041-2436-A9EA742B84D4}" = Catalyst Control Center Graphics Light
"{24638AD1-5F7E-9900-147E-B3EEA1B84EAE}" = Napster 5.0 Beta
"{2480C7AD-DD7D-26B4-E4A0-04CAC853ADAF}" = Catalyst Control Center Localization Greek
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28F5F2A0-6A42-FB10-9468-8218592804A6}" = CCC Help Italian
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{2F8C0EC4-ECCE-35D3-163D-B1BE983C902E}" = Catalyst Control Center Localization Japanese
"{308A38F5-3061-64FE-698C-9E30BE7AE7F4}" = Catalyst Control Center Localization Dutch
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B93E3B-991E-0E7E-DD8E-F5836622397F}" = ATI Catalyst Install Manager
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{39758F7A-E763-917E-E7BE-081561D0D9AB}" = CCC Help Norwegian
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite MFC-250C
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3B939E1F-6E91-D459-1876-685B0C152704}" = Catalyst Control Center Localization Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4DD0A3FE-82C3-3DF4-019F-2F1F71032830}" = ccc-core-static
"{58C613C0-74A9-2753-FDDB-7E250DA1A775}" = CCC Help Chinese Standard
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{62CF8923-31DC-4285-A23C-17CE5AA6A679}" = Express Gate
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64F12E84-C845-6131-ACC4-71E884E58D32}" = Catalyst Control Center Localization Italian
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B8C292E-38D1-70BC-200B-08A855200B56}" = Catalyst Control Center Localization Chinese Traditional
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73E17E13-EE46-1D1A-7240-C9B17FA07A58}" = CCC Help Hungarian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7DE5AA66-A8CE-8689-2A1A-C7D679EDD038}" = CCC Help Chinese Traditional
"{804EC25F-031C-692F-9FEF-F9EC6E9A5BFF}" = CCC Help Swedish
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88E9BEAC-B245-9C4E-C4F0-F5D8918CF8E8}" = CCC Help Czech
"{89B6F63A-7E0C-424A-9D39-C4EF59E96D78}" = hppQFolderP2050
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCAC105-C501-41F9-AED1-587024ABCA8C}" = Reference Manager 12 Professional Edition
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90F80407-6000-11D3-8CFE-0150048383C9}" = Tool zum Entfernen verborgener Daten
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{94F29521-B6BB-ADBF-183A-4DEFD1CB123A}" = Catalyst Control Center Localization Korean
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{958B08B0-C784-4A77-8D2B-C0A58F1E14B5}" = HP Officejet 6500 E710a-f Hilfe
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{976AF33B-E8BB-968F-D2E9-2956ECCDB695}" = Catalyst Control Center Localization Spanish
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A01320F-7C1D-8B61-B96D-6F62C0662B62}" = Catalyst Control Center Localization Norwegian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A13F629F-58F2-4820-81AC-356956B4AF08}" = CCC Help Danish
"{A5B8FB6E-2D93-EA96-41D2-0A8DE245463E}" = ccc-utility
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8AE28A8-7A3C-DA73-B71B-F0E1E934184F}" = Catalyst Control Center Localization Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AC18C2B2-32A3-1405-4404-7A299E804D53}" = Catalyst Control Center Localization Czech
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACA1C809-F50A-B6EA-B7AE-D1E46ABDDF15}" = Catalyst Control Center Graphics Previews Common
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{AF389D43-5DE7-39F6-947B-985F0F722E2F}" = CCC Help Spanish
"{AFE40488-240F-311D-65AB-C5081016DD5A}" = Catalyst Control Center Localization German
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B50A4BE8-906F-5E89-825D-7A194F77F915}" = Catalyst Control Center Localization Russian
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD69DAB8-E483-4E45-A052-16D1C360B67D}" = hppusgP2050
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010
"{C49EE0A6-96F1-D141-EFB8-525930D8E3F0}" = CCC Help Korean
"{C51975DE-6450-4B3A-908F-5CA91494B1D3}" = HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät
"{C5245592-6EB6-9D13-55FE-D360A9F5CC97}" = CCC Help Turkish
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDC072CD-AB8C-6958-DE84-6FA2236E973C}" = CCC Help German
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2D58C26-6BF8-5203-340E-190CF5B7E23B}" = CCC Help Dutch
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D86BEAB5-9A12-E681-2B27-14F45D78439E}" = Catalyst Control Center Graphics Full New
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DBBA3B20-3D85-6426-F00A-F8AFA81D581C}" = Catalyst Control Center Localization Polish
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DC905847-D537-427F-BF91-47CC7ACCDE58}" = ASUS FancyStart
"{DD2D3F4B-BF4F-85C9-1A0F-913D80407B2E}" = Catalyst Control Center Localization Finnish
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E3455E2A-A26D-0632-D088-6ACC10C1F9F8}" = CCC Help English
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EDC08986-48D6-41aa-BCE1-F63FDB63CF6D}" = GraphPad Prism 5 (Trial)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F2724B69-2CAF-E4F8-A05D-82D858970092}" = Catalyst Control Center Localization Chinese Standard
"{F2C6DD1F-B4ED-A876-8B1D-293A1760C1F8}" = CCC Help Russian
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Schnellzugriffe
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE875E53-A922-87D5-DF74-E030D41C54D7}" = Catalyst Control Center Core Implementation
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.3 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Chromas" = Chromas
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.Rhapsody.Napster5" = Napster 5.0 Beta
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"GraphPad InStat_is1" = GraphPad InStat 3 (Trial)
"HP Fotodruck-Programm" = HP Fotodruck-Programm
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.5
"Picasa 3" = Picasa 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Secure Eraser_is1" = Secure Eraser v4.0
"SopCast" = SopCast 3.5.0
"ST6UNST #1" = Langenscheidt Vokabeltrainer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TreeSize Free_is1" = TreeSize Free V2.7
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 2.0.0-rc1-20120129-0209
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.4
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.01.2012 16:03:36 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 18.01.2012 11:44:24 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 19.01.2012 15:55:35 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 20.01.2012 12:44:37 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 21.01.2012 05:04:14 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 21.01.2012 16:54:35 | Computer Name = ***-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 22.01.2012 04:16:13 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 23.01.2012 03:30:25 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 23.01.2012 14:09:32 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 24.01.2012 02:39:43 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 23.05.2012 04:59:25 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.05.2012 05:01:19 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 23.05.2012 06:37:47 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.05.2012 06:39:15 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 23.05.2012 12:06:55 | Computer Name = ***-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 24.05.2012 04:20:01 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 24.05.2012 04:20:57 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 24.05.2012 08:30:14 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 24.05.2012 08:31:10 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 24.05.2012 12:06:07 | Computer Name = ***-PC | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >

Code:

OTL logfile created on: 24.05.2012 19:15:57 - Run 1
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,39% Memory free
6,20 Gb Paging File | 4,86 Gb Available in Paging File | 78,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 138,00 Gb Free Space | 59,26% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 119,13 Gb Free Space | 53,87% Space Free | Partition Type: NTFS
Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 455,05 Gb Free Space | 97,70% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.24 19:13:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2012.03.15 17:21:24 | 000,041,472 | ---- | M] () -- C:\Program Files\phonostar-Player\phonostarTimer.exe
PRC - [2011.10.12 04:01:17 | 000,292,136 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
PRC - [2011.10.12 04:01:08 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
PRC - [2011.09.14 15:48:18 | 000,083,240 | ---- | M] () -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
PRC - [2011.08.18 20:13:48 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.03.28 16:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.13 19:14:00 | 000,247,296 | ---- | M] () -- C:\Program Files\Mobile Partner Manager\AssistantServices.exe
PRC - [2009.09.18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009.04.11 15:29:37 | 000,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.12.10 00:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.10.21 18:57:30 | 000,307,200 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\DVMExportService.exe
PRC - [2008.07.16 13:00:59 | 006,253,088 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.07.15 20:29:00 | 007,651,328 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2008.07.10 02:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008.06.25 04:01:08 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.06.19 21:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
PRC - [2008.06.04 02:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.04.01 08:09:30 | 000,266,240 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2008.03.31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008.02.02 00:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe
PRC - [2008.01.23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008.01.12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2007.12.04 19:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.12 06:44:28 | 000,106,496 | ---- | M] (ASUS) -- C:\Windows\System32\ASUSTPE.exe
PRC - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.08.15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.07.06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005.07.07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
PRC - [2001.07.03 09:17:04 | 000,065,536 | ---- | M] () -- C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.21 18:20:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.21 18:20:51 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012.05.21 18:20:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.05.21 18:20:12 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012.05.21 13:25:01 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.21 13:24:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012.05.21 13:24:23 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012.05.21 13:23:24 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.21 13:23:09 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.03.15 17:21:24 | 000,041,472 | ---- | M] () -- C:\Program Files\phonostar-Player\phonostarTimer.exe
MOD - [2012.02.06 02:41:26 | 000,450,400 | ---- | M] () -- C:\Program Files\ASCOMP Software\Secure Eraser\SecEraser32.dll
MOD - [2009.04.11 15:29:37 | 000,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe
MOD - [2009.04.11 14:44:34 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3219.36943__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.04.11 14:44:34 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3219.37086__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.04.11 14:44:34 | 000,278,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3219.36921__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:34 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3219.36946__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.04.11 14:44:34 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3219.37053__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:34 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3219.37023__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3219.36938__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.04.11 14:44:34 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3219.36998__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3219.36931__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:21 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3219.37088__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:21 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3219.36930__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:20 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3219.37031__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:20 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3219.37085__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:20 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3219.37032__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.04.11 14:44:20 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3219.37030__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3219.37084__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:19 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3219.37002__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:19 | 000,720,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3219.36933__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:19 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3219.36948__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:19 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3219.36993__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:19 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3219.37044__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.04.11 14:44:19 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3219.37021__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:19 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3219.36954__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009.04.11 14:44:19 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3219.36947__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:19 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3219.37017__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:19 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3219.37001__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:19 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3219.36998__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3219.36953__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:19 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3219.37016__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:19 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3219.37020__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:18 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3219.37000__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.04.11 14:44:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3219.37000__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.04.11 14:44:18 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3184.27483__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.04.11 14:44:18 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3184.27484__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.04.11 14:44:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3184.27511__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.04.11 14:44:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.04.11 14:44:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3184.27491__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.04.11 14:44:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3184.27510__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.04.11 14:44:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3184.27511__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.04.11 14:44:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.04.11 14:44:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3184.27506__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.04.11 14:44:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.04.11 14:44:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3184.27509__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.04.11 14:44:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.04.11 14:44:18 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.04.11 14:44:17 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3184.27501__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3184.27485__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.04.11 14:44:17 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3184.27517__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.04.11 14:44:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3184.27528__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3184.27509__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3184.27567__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.04.11 14:44:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3184.27527__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3184.27516__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3184.27519__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3184.27503__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3184.27499__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3184.27492__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3184.27514__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3184.27512__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.04.11 14:44:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.04.11 14:44:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3184.27498__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3184.27515__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.04.11 14:44:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.04.11 14:44:16 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.04.11 14:44:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3184.27510__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.04.11 14:44:16 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.04.11 14:44:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3184.27508__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.04.11 14:44:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.04.11 14:44:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3219.37103__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.04.11 14:44:13 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.04.11 14:44:13 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.04.11 14:44:13 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3219.37116__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.04.11 14:44:13 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3219.36917__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.04.11 14:44:13 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3219.37066_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2009.04.11 14:44:13 | 000,004,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.resources\2.0.3219.36926_de_90ba9c70f846762e\CLI.Component.Dashboard.resources.dll
MOD - [2009.04.11 14:44:12 | 001,077,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3219.36926__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.04.11 14:44:12 | 000,536,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3219.37066__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.04.11 14:44:12 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3219.36937__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.04.11 14:44:12 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3219.37076__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.04.11 14:44:12 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3219.36918__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.04.11 14:44:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3219.37072__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.04.11 14:44:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3219.36920__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.04.11 14:44:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3184.27505__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.04.11 14:44:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.04.11 14:44:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3184.27496__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.04.11 14:44:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3184.27493__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.04.11 14:44:12 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.04.11 14:44:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3184.27510__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.04.11 14:44:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.04.11 14:44:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.04.11 14:44:11 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3219.36919__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.04.11 14:44:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3219.36914__90ba9c70f846762e\APM.Server.dll
MOD - [2009.04.11 14:44:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3219.36916__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.04.11 14:44:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.04.11 14:44:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3219.37075__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.04.11 14:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3184.27521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.10.24 15:13:01 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.10.23 19:21:32 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.01.12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.11.13 00:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTran.dll
MOD - [2007.06.15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
MOD - [2001.07.03 09:17:06 | 000,024,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNFPS.DLL
MOD - [2001.07.03 09:17:04 | 000,065,536 | ---- | M] () -- C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.05.05 10:41:20 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.28 16:36:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.10.12 04:01:17 | 000,292,136 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011.10.12 04:01:08 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011.09.14 15:48:18 | 000,083,240 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2011.08.18 20:13:48 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.02.26 14:49:13 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.01.13 19:14:00 | 000,247,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Mobile Partner Manager\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009.09.18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.08.24 19:01:08 | 000,093,336 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008.10.21 18:57:30 | 000,307,200 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\DVMExportService.exe -- (MDES)
SRV - [2008.03.31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2004.01.28 19:25:24 | 000,020,537 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\Program Files\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe -- (RMWPService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2011.09.16 11:36:34 | 000,077,296 | ---- | M] (CyberLink Corp.) [2011/12/04 00:25:37] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.09.14 15:48:19 | 000,071,664 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys -- (ntk_PowerDVD)
DRV - [2011.08.18 20:13:49 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.08.18 20:13:49 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.12.21 15:34:24 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.10.07 15:48:58 | 000,163,368 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2009.10.07 15:48:58 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2009.09.05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.08.18 13:06:44 | 000,114,688 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009.08.18 13:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys -- (SANDRA)
DRV - [2009.06.30 18:46:22 | 000,009,216 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.02.13 13:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.10.24 18:16:31 | 004,017,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.08.11 04:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.06.03 08:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.29 19:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2008.05.02 10:07:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2008.04.07 08:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER)
DRV - [2008.03.29 18:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.01.21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.08.11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.07.24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.01.18 19:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.12.14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.linkury.com/newtab.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_de___DE358
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: fireloop@drawloop.com:2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files\phonostar-Player\npphonostarDetectNP.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.22 13:03:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.22 13:03:06 | 000,000,000 | ---D | M]
 
[2009.11.18 05:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.05.24 10:21:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions
[2012.05.23 11:00:04 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.04.28 17:03:04 | 000,000,000 | ---D | M] (Biobar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{3e559c3c-4aad-4168-bd47-e1056298df8e}
[2012.05.20 01:11:45 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.04.28 17:09:22 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2011.10.31 02:41:37 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\welcome@toolmin.com
[2012.03.17 15:28:29 | 000,002,412 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\f5pzbxqc.default\searchplugins\Linkury Smartbar Search.xml
[2012.04.29 12:20:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.05.20 01:11:44 | 000,061,219 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012.01.23 09:52:31 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012.01.02 22:25:30 | 000,195,719 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
[2011.12.04 21:35:41 | 000,101,213 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\LINKALERT.CONLAN@ADDONS.MOZILLA.COM.XPI
[2012.03.04 22:30:51 | 000,325,600 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
[2012.05.24 10:21:50 | 000,020,892 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\STUCKER@BIOLEGEND.COM.XPI
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.24 14:06:08 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.31 02:41:37 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.11.21 04:04:40 | 000,357,056 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.123topsearch.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	www.132.com
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 127.0.0.1	136136.net
O1 - Hosts: 127.0.0.1	www.163ns.com
O1 - Hosts: 12248 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [phonostar-PlayerTimer] C:\Program Files\phonostar-Player\phonostarTimer.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI832F~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EB7E767-3A5F-45DC-A8CF-47F492C56E50}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1A1FAB5-C100-42A4-8AF6-08E25A0B5C56}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.19 10:47:05 | 000,008,192 | ---- | M] (Microsoft) - F:\AutoOff.exe -- [ NTFS ]
O32 - Unable to obtain root file information for disk F:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.24 19:13:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.05.24 14:29:04 | 000,000,000 | -H-D | C] -- C:\dvmexp
[2012.05.23 12:36:41 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\BullGuard
[2012.05.23 12:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\BullGuard
[2012.05.21 11:33:22 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.05.21 11:33:22 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.05.21 11:33:21 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.05.21 11:33:21 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.05.21 11:33:21 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.05.21 11:30:46 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.05.21 11:30:46 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.05.21 11:30:46 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.05.11 20:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2012.05.11 19:11:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ASCOMP Software
[2012.05.11 19:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
[2012.05.11 19:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\ASCOMP Software
[2012.05.08 18:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\Napster 5.0
[2012.05.05 10:13:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\JAM Software
[2012.05.05 10:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
[2012.05.05 10:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2012.04.28 16:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.28 16:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.24 19:17:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.24 19:17:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.24 19:15:17 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.24 19:15:17 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.24 19:15:17 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.24 19:15:17 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.24 19:13:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.05.24 18:41:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.24 18:29:00 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.24 18:29:00 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.24 14:28:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.24 14:28:44 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.24 14:04:16 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.21 13:23:20 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.05.21 13:21:23 | 002,365,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.11 19:11:26 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Secure Eraser.lnk
[2012.05.08 18:39:01 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Napster 5.0.lnk
[2012.05.05 10:41:19 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.05 10:41:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.05.05 10:13:27 | 000,001,021 | ---- | M] () -- C:\Users\***\Desktop\TreeSize Free.lnk
[2012.05.03 23:57:16 | 000,002,194 | ---- | M] () -- C:\Windows\tasks\hpwebreg_CN0BQ236QB05JZ.job
[2012.04.29 12:20:04 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.11 19:11:26 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Secure Eraser.lnk
[2012.05.05 10:13:27 | 000,001,021 | ---- | C] () -- C:\Users\***\Desktop\TreeSize Free.lnk
[2012.01.28 16:17:50 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2011.10.22 15:30:29 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.05.26 12:13:27 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.06 17:15:55 | 000,000,410 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010.12.06 17:15:55 | 000,000,162 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010.12.06 17:15:17 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.12.06 17:15:17 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.12.06 17:10:46 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2010.12.06 17:06:47 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2010.08.23 12:40:56 | 000,000,020 | ---- | C] () -- C:\Windows\Hposcv07.INI
[2010.06.25 10:07:02 | 000,000,110 | -H-- | C] () -- C:\ProgramData\obid31
[2010.06.25 10:02:44 | 000,000,016 | -H-- | C] () -- C:\ProgramData\obtf503
 
========== LOP Check ==========
 
[2009.12.03 11:35:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2012.05.11 19:11:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ASCOMP Software
[2009.11.25 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avanquest
[2012.05.23 12:36:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BullGuard
[2012.04.19 21:40:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.Rhapsody.Napster5
[2009.12.01 16:42:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\EndNote
[2009.12.07 19:38:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileOpen
[2010.06.25 10:09:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GraphPad Software
[2012.04.15 11:31:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2009.12.01 16:37:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ISI ResearchSoft
[2012.05.05 10:13:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JAM Software
[2012.03.13 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenCandy
[2010.08.23 12:41:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ordner HP Share-to-Web
[2010.12.10 11:33:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC-FAX TX
[2012.03.13 19:20:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge
[2009.12.04 16:48:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\phonostar GmbH
[2009.12.04 16:29:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\streamripper
[2012.01.11 19:50:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\toolplugin
[2011.07.13 19:29:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Vodafone
[2012.05.24 14:27:41 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

gmer:

Code:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-25 01:03:18
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 ST9500325AS rev.0002SDM1
Running: hee04u9t.exe; Driver: C:\Users\***\AppData\Local\Temp\kxriafoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           C:\Windows\system32\DRIVERS\atikmdag.sys                               section is writeable [0x8F20A000, 0x21FB4F, 0xE8000020]
.text           C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl         section is writeable [0xA2DA8000, 0x2BE8, 0xE8000020]
.vmp2           C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl         entry point in ".vmp2" section [0xA2DCA666]

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                 AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)

Device          \FileSystem\udfs \UdfsCdRom                                            CLBUDF.SYS (UDF File System Driver /CyberLink Corporation.)
Device          \FileSystem\udfs \UdfsDisk                                             CLBUDF.SYS (UDF File System Driver /CyberLink Corporation.)

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \FileSystem\fastfat \Fat                                               fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
AttachedDevice  \FileSystem\fastfat \Fat                                               AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)

Device          \FileSystem\cdfs \Cdfs                                                 CLBUDF.SYS (UDF File System Driver /CyberLink Corporation.)

---- Files - GMER 1.0.15 ----

File            C:\ADSM_PData_0150                                                     0 bytes
File            C:\ADSM_PData_0150\DB                                                  0 bytes
File            C:\ADSM_PData_0150\DB\SI.db                                            624 bytes
File            C:\ADSM_PData_0150\DB\UL.db                                            1040 bytes
File            C:\ADSM_PData_0150\DB\VL.db                                            6160 bytes
File            C:\ADSM_PData_0150\DB\WAL.db                                           2048 bytes
File            C:\ADSM_PData_0150\DB\_avt                                             512 bytes
File            C:\ADSM_PData_0150\DragWait.exe                                        315392 bytes executable
File            C:\ADSM_PData_0150\_avt                                                512 bytes
File            C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86            0 bytes
File            C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\AsDsm.sys  29752 bytes executable
File            C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\_avt       512 bytes
File            C:\Users\***\Gesicherte Musik                                      0 bytes
File            C:\Users\***\Gesicherte Musik\_avt                                 512 bytes
File            C:\Users\***\Gesicherte Musik\_lit                                 512 bytes
File            C:\Users\***\Gesichertes Dokument                                  0 bytes
File            C:\Users\***\Gesichertes Dokument\_avt                             512 bytes
File            C:\Users\***\Gesichertes Dokument\_lit                             512 bytes
File            C:\Users\***\Gesichertes Video                                     0 bytes
File            C:\Users\***\Gesichertes Video\_avt                                512 bytes
File            C:\Users\***\Gesichertes Video\_lit                                512 bytes

---- EOF - GMER 1.0.15 ----

[kira]

Herzlich Willkommen hier bei uns am HijackThis Supportboard!

**Bevor du mit Teil 1. der Aufgabe beginnst: HIER KLICKEN UND SORGFÄLTIG DURCHLESEN!** und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!
Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird hier nicht geduldet, in diesem Fall wird der Support eingestellt.!

ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!

Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten! Ansonsten verlangsamt unsere Arbeit, wenn wir immer wieder noch an Kleinigkeiten nachschlagen müssen und dadurch eventuell die Übersicht verloren geht...


► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
**Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

1.

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

• Starte die OTL.exe.
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Kopiere folgendes Skript (unverändert inkl. :OTL, also - nach dem "Code", alles was in der Codebox steht - ):

Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.linkury.com/newtab.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_de___DE358
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.31 02:41:37 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
[2012.03.17 15:28:29 | 000,002,412 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\f5pzbxqc.default\searchplugins\Linkury Smartbar Search.xml
[2011.10.31 02:41:37 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\welcome@toolmin.com
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.19 10:47:05 | 000,008,192 | ---- | M] (Microsoft) - F:\AutoOff.exe -- [ NTFS ]
[2012.05.24 19:17:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.24 19:17:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

:Files
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]

• und füge es hier ein:
• Schließe alle Programme.
• Klicke auf den Fix Button.
• Klick auf .
• OTL verlangt einen Neustart. Bitte zulassen.
• Nach dem Neustart findest Du ein Textdokument.
  Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

2.
Das Program installieren und ausführen:
Anleitung:-> Bereinigung mit Malwarebytes' Anti-Malware (Vollständiger Suchlauf)

3.
erneut einen Scan mit OTL:

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Mache Häkchen bei LOP- und Purity-Prüfung
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles in Code-Tags hier in den Thread.

4.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:

• Download den CCleaner
  
• Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
• starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
• ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

5.
Die folgende Aufgabe im Taskplan sagt mir nichts:

Code:

C:\Windows\tasks\hpwebreg_CN0BQ236QB05JZ.job

Bitte alle Ergebnisse im Code-Tags posten!

vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein
dahinter - also am Ende der Logdatei:[/code]
Wie es geht:-> Logfiles in Code-Tags setzen

gruß
kira

[siddharta01]

Hallo Kira,

vielen Dank für Deine Hilfe!
Mit den Forenregeln erkläre ich mich einverstanden!
Zu dem speziellen Taskplan kann ich leider auch nichts sagen- google findet da nur einen alten thread von mir
hier aus dem Forum
Ich glaube beim scan mit malware hat der Guard von Avira nochmal den Dldr.small.ck-Virus gefunden. Aktion:
Zugriff verweigert.
Habe die einzelnen Punkte nach bestem Wissen abgearbeitet:

1. otl fix:

Code:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Search the web" removed from browser.search.defaultenginename
Prefs.js: "Search the web" removed from browser.search.order.1
Prefs.js: helperbar@helperbar.com:1.0 removed from extensions.enabledItems
Prefs.js: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" removed from keyword.URL
C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\f5pzbxqc.default\user.js moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml moved successfully.
C:\Program Files\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml moved successfully.
C:\Program Files\mozilla firefox\searchplugins\Search the web.src moved successfully.
C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml moved successfully.
C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
File C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\f5pzbxqc.default\searchplugins\Linkury Smartbar Search.xml not found.
Folder C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\welcome@toolmin.com\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\ not found.
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
File C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
File C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File F:\AutoOff.exe not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 14655893 bytes
->Java cache emptied: 50275 bytes
->FireFox cache emptied: 1183915296 bytes
->Flash cache emptied: 58556 bytes
 
User: *** Standard
->Temp folder emptied: 41377 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 43327239 bytes
->Flash cache emptied: 1432 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 91847627 bytes
RecycleBin emptied: 81677720 bytes
 
Total Files Cleaned = 1.350,00 mb
 
 
OTL by OldTimer - Version 3.2.43.1 log created on 05262012_133541

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

2. Malwarebyte:

Code:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.26.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
**** :: ****-PC [Administrator]

26.05.2012 13:55:50
mbam-log-2012-05-26 (13-55-50).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 511581
Laufzeit: 2 Stunde(n), 34 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

3. otl:

Code:

OTL logfile created on: 26.05.2012 16:42:46 - Run 2
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,74% Memory free
6,19 Gb Paging File | 5,13 Gb Available in Paging File | 82,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 138,43 Gb Free Space | 59,44% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 119,14 Gb Free Space | 53,87% Space Free | Partition Type: NTFS
Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 455,05 Gb Free Space | 97,70% Space Free | Partition Type: NTFS
Drive G: | 1,90 Gb Total Space | 1,09 Gb Free Space | 57,10% Space Free | Partition Type: FAT
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\phonostar-Player\phonostarTimer.exe ()
PRC - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Mobile Partner Manager\AssistantServices.exe ()
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Windows\ASScrPro.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\ASUS.SYS\DVMExportService.exe (DeviceVM)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\HControlUser.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Windows\System32\ASUSTPE.exe (ASUS)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
PRC - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files\phonostar-Player\phonostarTimer.exe ()
MOD - C:\Program Files\ASCOMP Software\Secure Eraser\SecEraser32.dll ()
MOD - C:\Windows\ASScrPro.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3219.36943__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3219.37086__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3219.36921__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3219.36946__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3219.37053__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3219.37023__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3219.36938__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3219.36998__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3219.36931__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3219.37088__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3219.36930__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3219.37031__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3219.37085__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3219.37032__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3219.37030__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3219.37084__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3219.37002__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3219.36933__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3219.36948__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3219.36993__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3219.37044__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3219.37021__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3219.36954__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3219.36947__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3219.37017__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3219.37001__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3219.36998__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3219.36953__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3219.37016__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3219.37020__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3219.37000__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3219.37000__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3184.27483__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3184.27484__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3184.27511__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3184.27491__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3184.27510__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3184.27511__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3184.27506__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3184.27509__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3184.27501__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3184.27485__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3184.27517__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3184.27528__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3184.27509__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3184.27567__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3184.27527__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3184.27516__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3184.27519__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3184.27503__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3184.27499__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3184.27492__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3184.27514__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3184.27512__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3184.27498__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3184.27515__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3184.27510__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3184.27508__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3219.37103__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3219.37116__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3219.36917__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3219.37066_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.resources\2.0.3219.36926_de_90ba9c70f846762e\CLI.Component.Dashboard.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3219.36926__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3219.37066__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3219.36937__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3219.37076__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3219.36918__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3219.37072__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3219.36920__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3184.27505__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3184.27496__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3184.27493__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3184.27510__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3219.36919__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3219.36914__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3219.36916__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3219.37075__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3184.27521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\ATK Hotkey\HControlUser.exe ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Program Files\ATK Hotkey\MsgTran.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNFPS.DLL ()
MOD - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (CyberLink PowerDVD 11.0 Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe (CyberLink)
SRV - (CyberLink PowerDVD 11.0 Monitor Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
SRV - (CLHNServiceForPowerDVD) -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (UI Assistant Service) -- C:\Program Files\Mobile Partner Manager\AssistantServices.exe ()
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe (SiSoftware)
SRV - (MDES) -- C:\ASUS.SYS\DVMExportService.exe (DeviceVM)
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (RMWPService) -- C:\Program Files\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe (Apache Software Foundation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SRTSPX) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found
DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS File not found
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS File not found
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ntk_PowerDVD) -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys (Cyberlink Corp.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (CLBUDF) -- C:\Windows\System32\drivers\CLBUDF.sys (CyberLink Corporation.)
DRV - (CLBStor) -- C:\Windows\System32\drivers\CLBStor.sys (Cyberlink Co.,Ltd.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys (SiSoftware)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (CRFILTER) -- C:\Windows\System32\drivers\CRFILTER.sys (Generic)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files\phonostar-Player\npphonostarDetectNP.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.22 13:03:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.22 13:03:06 | 000,000,000 | ---D | M]
 
[2009.11.18 05:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.05.24 10:21:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions
[2012.05.23 11:00:04 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.04.28 17:03:04 | 000,000,000 | ---D | M] (Biobar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{3e559c3c-4aad-4168-bd47-e1056298df8e}
[2012.05.20 01:11:45 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.04.28 17:09:22 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2011.10.31 02:41:37 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\welcome@toolmin.com
[2012.03.17 15:28:29 | 000,002,412 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\f5pzbxqc.default\searchplugins\Linkury Smartbar Search.xml
[2012.04.29 12:20:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.05.20 01:11:44 | 000,061,219 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012.01.23 09:52:31 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012.01.02 22:25:30 | 000,195,719 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
[2011.12.04 21:35:41 | 000,101,213 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\LINKALERT.CONLAN@ADDONS.MOZILLA.COM.XPI
[2012.03.04 22:30:51 | 000,325,600 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
[2012.05.24 10:21:50 | 000,020,892 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\STUCKER@BIOLEGEND.COM.XPI
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.24 14:06:08 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
 
O1 HOSTS File: ([2009.11.21 04:04:40 | 000,357,056 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.123topsearch.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	www.132.com
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 127.0.0.1	136136.net
O1 - Hosts: 127.0.0.1	www.163ns.com
O1 - Hosts: 12248 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [phonostar-PlayerTimer] C:\Program Files\phonostar-Player\phonostarTimer.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI832F~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EB7E767-3A5F-45DC-A8CF-47F492C56E50}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1A1FAB5-C100-42A4-8AF6-08E25A0B5C56}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.19 10:47:05 | 000,008,192 | ---- | M] (Microsoft) - F:\AutoOff.exe -- [ NTFS ]
O32 - Unable to obtain root file information for disk F:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.26 16:39:59 | 000,000,000 | -H-D | C] -- C:\dvmexp
[2012.05.26 13:35:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.05.24 19:13:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.05.23 12:36:41 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\BullGuard
[2012.05.23 12:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\BullGuard
[2012.05.21 11:33:22 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.05.21 11:33:22 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.05.21 11:33:21 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.05.21 11:33:21 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.05.21 11:33:21 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.05.21 11:30:46 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.05.21 11:30:46 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.05.21 11:30:46 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.05.11 20:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2012.05.11 19:11:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ASCOMP Software
[2012.05.11 19:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
[2012.05.11 19:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\ASCOMP Software
[2012.05.08 18:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\Napster 5.0
[2012.05.05 10:13:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\JAM Software
[2012.05.05 10:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
[2012.05.05 10:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2012.04.28 16:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.28 16:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.26 16:44:17 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.26 16:44:17 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.26 16:44:17 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.26 16:44:17 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.26 16:41:23 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.26 16:39:54 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.26 16:39:54 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.26 16:39:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.26 16:39:43 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.26 13:46:09 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.05.25 15:48:04 | 000,002,657 | ---- | M] () -- C:\Users\***\Desktop\HiJackThis.lnk
[2012.05.24 19:31:25 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\hee04u9t.exe
[2012.05.24 19:13:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.05.24 14:04:16 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.21 13:21:23 | 002,365,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.11 19:11:26 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Secure Eraser.lnk
[2012.05.08 18:39:01 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Napster 5.0.lnk
[2012.05.05 10:41:19 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.05 10:41:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.05.05 10:13:27 | 000,001,021 | ---- | M] () -- C:\Users\***\Desktop\TreeSize Free.lnk
[2012.05.03 23:57:16 | 000,002,194 | ---- | M] () -- C:\Windows\tasks\hpwebreg_CN0BQ236QB05JZ.job
[2012.04.29 12:20:04 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.24 19:31:23 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\hee04u9t.exe
[2012.05.11 19:11:26 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Secure Eraser.lnk
[2012.05.05 10:13:27 | 000,001,021 | ---- | C] () -- C:\Users\***\Desktop\TreeSize Free.lnk
[2012.01.28 16:17:50 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2011.10.22 15:30:29 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.05.26 12:13:27 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.06 17:15:55 | 000,000,410 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010.12.06 17:15:55 | 000,000,162 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010.12.06 17:15:17 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.12.06 17:15:17 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.12.06 17:10:46 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2010.12.06 17:06:47 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2010.08.23 12:40:56 | 000,000,020 | ---- | C] () -- C:\Windows\Hposcv07.INI
[2010.06.25 10:07:02 | 000,000,110 | -H-- | C] () -- C:\ProgramData\obid31
[2010.06.25 10:02:44 | 000,000,016 | -H-- | C] () -- C:\ProgramData\obtf503
 
========== LOP Check ==========
 
[2009.12.03 11:35:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2012.05.11 19:11:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ASCOMP Software
[2009.11.25 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avanquest
[2012.05.23 12:36:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BullGuard
[2012.04.19 21:40:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.Rhapsody.Napster5
[2009.12.01 16:42:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\EndNote
[2009.12.07 19:38:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileOpen
[2010.06.25 10:09:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GraphPad Software
[2012.04.15 11:31:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2009.12.01 16:37:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ISI ResearchSoft
[2012.05.05 10:13:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JAM Software
[2012.03.13 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenCandy
[2010.08.23 12:41:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ordner HP Share-to-Web
[2010.12.10 11:33:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC-FAX TX
[2012.03.13 19:20:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge
[2009.12.04 16:48:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\phonostar GmbH
[2009.12.04 16:29:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\streamripper
[2012.01.11 19:50:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\toolplugin
[2011.07.13 19:29:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Vodafone
[2012.05.26 16:38:35 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Code:

OTL Extras logfile created on: 26.05.2012 16:42:46 - Run 2
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,74% Memory free
6,19 Gb Paging File | 5,13 Gb Available in Paging File | 82,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 138,43 Gb Free Space | 59,44% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 119,14 Gb Free Space | 53,87% Space Free | Partition Type: NTFS
Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 455,05 Gb Free Space | 97,70% Space Free | Partition Type: NTFS
Drive G: | 1,90 Gb Total Space | 1,09 Gb Free Space | 57,10% Space Free | Partition Type: FAT
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft OfficeXp\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft OfficeXp\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLCblueray\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLCblueray\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00314F2A-E40A-4061-87F5-CE2FF1D99872}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{08988F40-DF08-44A5-B64A-85C4CA27078C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{0F311C91-4EAC-4A53-B3DD-64B67F1CDD72}" = rport=445 | protocol=6 | dir=out | app=system | 
"{21982B59-3185-483E-9B3B-1DE1201C41D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{24472726-077A-481D-B9F3-5CBE68B81589}" = lport=138 | protocol=17 | dir=in | app=system | 
"{39B62F5F-0BBC-444D-B60B-A129D94A2649}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{3C53F47E-AD5E-470C-91D7-5F8CD593CA93}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{49856363-5B4E-45BD-B934-56A1A1E4D4F9}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{60E20FA4-471F-493B-AC53-7EBC70497B8D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{61A3CB33-73B2-42CD-AD55-0F92A7D512CE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{6227544C-3A9C-48D1-8E95-0DC08BA9026D}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{69C1105B-B2D2-4348-9E68-991EAB7808D9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{6D115A2A-D13B-430B-8C09-0EFDD6CAAB9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8A010C35-ACAE-4CBB-A3EC-E55C042811BC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8C3C01BA-7032-4CA8-938C-3FADB5995A39}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\rpcagentsrv.exe | 
"{A3035336-7A73-4F0C-BD03-E03647156D35}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A95C92B4-1A6C-4AB0-A9B4-D9DEC7A60E21}" = rport=137 | protocol=17 | dir=out | app=system | 
"{AD2C0C0A-01A2-48F7-8419-7CDA655440F1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{B8C47D09-9FE9-4093-A9C9-724A5EC5841D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C680A807-3466-42EE-A88B-AFB24A4DFDCE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{C72E63FF-C52F-448E-878F-451ED3916170}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C87BD488-31B4-476C-A773-0755D334339B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CD1283B9-6447-4A20-BF94-D271930AF98F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{D0531F20-AD3C-4D02-890C-B7DD44494710}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{D382D1FD-B4C1-4082-8862-32BCD31B07CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D43ED587-120B-4A1E-BC79-11388A3650B5}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D4695925-1440-4497-AAA4-56AB48C146B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E9DC357D-9DF6-4E4B-838E-CEB7D4B5EA07}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F436C566-AA9E-4C14-A01B-7ACD2D506BD6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{F8DF85B2-EB8D-4FE9-B8D2-1D63203CF71D}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{072B4045-623C-48E5-A7D6-DAB65CB2BE76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{08A42082-FF43-4826-A31A-A59B61AB9FAE}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe | 
"{0AEB36D3-C19C-455F-9A06-835C53C224B3}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe | 
"{0F453290-670C-4DBC-8B04-74315407BA72}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe | 
"{10422751-A2B5-401E-ADB4-40FF76DBDDC8}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{1A782211-F135-49B3-B975-926CA5864872}" = dir=in | app=c:\program files\cyberlink\powerdvd11\powerdvd11.exe | 
"{225C00AE-1BFB-407D-9E90-905D01723B30}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{2732CF4D-CD62-4A99-AA4F-F74D4EBD77F6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2BFA74AB-3967-40D7-BF55-D8BFD53B8C4F}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{2C9BC4DC-5763-49AD-8AC1-080E9C37EF1D}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{30F49C9E-FD9D-40D4-B6CA-F7489D8F9FD5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{3AEBAD32-3F28-481B-9A53-24771732FD6A}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{40A3B424-2CB9-41BC-A85B-0F3DABF2674B}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{410DDD05-8537-4C22-AC23-3B4B806EB11E}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{59407F72-ECB6-4070-8BB8-7B61BB47374A}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{715EA083-68C8-4E5E-9CE3-83D5F05F8028}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{75BD6FCE-F412-4979-A36C-BE77C14433B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{80D7A3F0-C170-4D34-B66B-A75B03701099}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{89A89B76-8C53-4174-BEB1-662D74570C2F}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{97257A9E-B9FF-46BA-8165-BBCA5287718B}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{9D4F2DB8-9A10-4389-9129-05910538F54A}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\rpcagentsrv.exe | 
"{9EFE1365-79AA-48B5-8D06-E334089EE72E}" = dir=in | app=c:\program files\cyberlink\powerdvd11\common\mediaserver\clmsserverforpdvd11.exe | 
"{9F570117-2525-4AE7-9927-B3BC069EC6A7}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe | 
"{A07D750D-641B-4AD0-9EFC-255728B56D0D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{A2B83277-13C5-4810-BE3A-97F819BB10B8}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{AAEC1112-DBB8-413B-B9CA-DE04D9F06A01}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\powerdvd cinema\powerdvdcinema11.exe | 
"{B20F92DF-721B-42A0-A83F-D3E5EBD497C6}" = dir=in | app=c:\program files\cyberlink\powerdvd11\pdvd11serv.exe | 
"{C0077E66-9DA5-41BB-AA53-635DEEDB8195}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D52EB0A4-6EB2-403C-A245-339415BE5262}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{E9C3C253-D212-40FC-884D-04B7CA9E2FCC}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe | 
"{ED51510F-53B3-452B-84C3-5275BD9299F1}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"TCP Query User{0B923A8C-5BC0-400E-90DC-4B29703A00AA}C:\users\***\appdata\local\radiosure\radiosure.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\radiosure\radiosure.exe | 
"TCP Query User{36E5536E-CD2C-4474-B1F9-84B4031A0174}C:\program files\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"TCP Query User{45E9E4AA-03BF-4891-8B61-E6411E4B5917}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{5CBD3EB1-97CB-4E98-9227-A3B6C91AD461}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{5D629FDB-23B0-427C-B520-D622676C8C29}C:\program files\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"TCP Query User{5EEBFFC4-C897-4D31-9F3E-96522A625A67}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{636E678C-F991-4D9D-A020-710B09233778}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{751D1AFC-BAC0-4A6F-AA70-2F40970339E0}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{AAFAAF42-C900-4E89-8DBA-5029F74D7C72}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{AB07017E-06EA-4B27-84C2-0CDB90D01EEB}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | 
"TCP Query User{D1BDA1B4-7A6B-4C85-B65B-2E1FCD8C32C5}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{D5EF1DC5-386E-43D0-A229-7239F988C984}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | 
"TCP Query User{E452B15D-5D13-4CB9-84C5-EFC4D9C1BF9B}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{F887FA42-BE85-4B99-A7C9-BDEB26FC52D3}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{023EE6BC-E56A-487C-93F8-713B414F8B97}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{05CA6B36-F35A-4529-AC63-ABEE008EDA55}C:\program files\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"UDP Query User{1188CCB1-97A3-4366-936C-ABDEB4A4AE6C}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{14544B85-3676-4FF4-8641-7E7584768C14}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | 
"UDP Query User{20449CDB-278E-45C5-B010-D1B31CF0C054}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{226843DE-23E4-4553-AC72-461023575057}C:\program files\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"UDP Query User{348FF0AD-641E-4BA2-A33A-592F9A5F4DC2}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{38EB0727-1270-4997-9229-4CEAA7BE74A1}C:\users\***\appdata\local\radiosure\radiosure.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\radiosure\radiosure.exe | 
"UDP Query User{6DAEB697-8627-4E10-94A9-7FDA9F8BA448}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | 
"UDP Query User{781C8710-6AE4-4559-83FF-D3C3D3F87D73}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{8398616B-67F4-48CA-86A9-783F6D81B276}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{B8FDE6B0-4922-4F33-86BC-C20F58C70B22}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{C1F20795-F047-4755-8EEC-20A1957914FC}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{E6AC3C4D-9A87-435E-8BE0-8BCBC4EF638E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005B94DC-2954-CC01-27C4-2D369D037EE0}" = CCC Help Polish
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{024AA2AC-FFA9-1806-6BB5-B7725E81B133}" = CCC Help Greek
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{067CA42C-B66D-9995-041D-39A998AC0DB9}" = CCC Help Japanese
"{078B7B83-4F8E-30F3-1F6C-27CB7A58B34F}" = CCC Help Portuguese
"{07AD1E36-8AF3-54AA-3ADF-757FF315BA0B}" = Catalyst Control Center Graphics Previews Vista
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0849C3F0-2084-8CBF-3C7C-ADBBE2F4C885}" = Catalyst Control Center InstallProxy
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0C3D4387-58C3-03FA-9250-E80587ED1970}" = Catalyst Control Center Localization French
"{0C8EBB00-4909-459C-8347-B2068B7F0319}" = CyberLink DVD Menu Template Pack
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{0EE024E4-7A22-5C59-CB86-D2163B4A5940}" = Catalyst Control Center Graphics Full Existing
"{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}" = Dolby Control Center
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12E6E331-91E3-2964-5E42-FD5101EC1924}" = Skins
"{13303431-D0FE-AA95-BEBB-DD936E89129D}" = CCC Help French
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{179AF346-87A7-047D-3034-08D379B06512}" = Catalyst Control Center Localization Danish
"{180C2A98-E757-3FE1-9118-3106F696AD64}" = CCC Help Finnish
"{1821904F-DAD2-ADF5-8F1C-32AA87DA9099}" = CCC Help Thai
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1B003CCD-DD4C-C45A-5E64-CF2F677735E4}" = Catalyst Control Center Localization Hungarian
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20E2C98F-37F6-3AEE-3EEB-0817E40C1B5E}" = Catalyst Control Center Localization Thai
"{214B35FA-D554-BA98-C46D-8543CE723D59}" = Catalyst Control Center Localization Turkish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23990464-BE2A-1041-2436-A9EA742B84D4}" = Catalyst Control Center Graphics Light
"{24638AD1-5F7E-9900-147E-B3EEA1B84EAE}" = Napster 5.0 Beta
"{2480C7AD-DD7D-26B4-E4A0-04CAC853ADAF}" = Catalyst Control Center Localization Greek
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28F5F2A0-6A42-FB10-9468-8218592804A6}" = CCC Help Italian
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{2F8C0EC4-ECCE-35D3-163D-B1BE983C902E}" = Catalyst Control Center Localization Japanese
"{308A38F5-3061-64FE-698C-9E30BE7AE7F4}" = Catalyst Control Center Localization Dutch
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B93E3B-991E-0E7E-DD8E-F5836622397F}" = ATI Catalyst Install Manager
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{39758F7A-E763-917E-E7BE-081561D0D9AB}" = CCC Help Norwegian
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite MFC-250C
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3B939E1F-6E91-D459-1876-685B0C152704}" = Catalyst Control Center Localization Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4DD0A3FE-82C3-3DF4-019F-2F1F71032830}" = ccc-core-static
"{58C613C0-74A9-2753-FDDB-7E250DA1A775}" = CCC Help Chinese Standard
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{62CF8923-31DC-4285-A23C-17CE5AA6A679}" = Express Gate
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64F12E84-C845-6131-ACC4-71E884E58D32}" = Catalyst Control Center Localization Italian
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B8C292E-38D1-70BC-200B-08A855200B56}" = Catalyst Control Center Localization Chinese Traditional
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73E17E13-EE46-1D1A-7240-C9B17FA07A58}" = CCC Help Hungarian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7DE5AA66-A8CE-8689-2A1A-C7D679EDD038}" = CCC Help Chinese Traditional
"{804EC25F-031C-692F-9FEF-F9EC6E9A5BFF}" = CCC Help Swedish
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88E9BEAC-B245-9C4E-C4F0-F5D8918CF8E8}" = CCC Help Czech
"{89B6F63A-7E0C-424A-9D39-C4EF59E96D78}" = hppQFolderP2050
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCAC105-C501-41F9-AED1-587024ABCA8C}" = Reference Manager 12 Professional Edition
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90F80407-6000-11D3-8CFE-0150048383C9}" = Tool zum Entfernen verborgener Daten
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{94F29521-B6BB-ADBF-183A-4DEFD1CB123A}" = Catalyst Control Center Localization Korean
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{958B08B0-C784-4A77-8D2B-C0A58F1E14B5}" = HP Officejet 6500 E710a-f Hilfe
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{976AF33B-E8BB-968F-D2E9-2956ECCDB695}" = Catalyst Control Center Localization Spanish
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A01320F-7C1D-8B61-B96D-6F62C0662B62}" = Catalyst Control Center Localization Norwegian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A13F629F-58F2-4820-81AC-356956B4AF08}" = CCC Help Danish
"{A5B8FB6E-2D93-EA96-41D2-0A8DE245463E}" = ccc-utility
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8AE28A8-7A3C-DA73-B71B-F0E1E934184F}" = Catalyst Control Center Localization Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AC18C2B2-32A3-1405-4404-7A299E804D53}" = Catalyst Control Center Localization Czech
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACA1C809-F50A-B6EA-B7AE-D1E46ABDDF15}" = Catalyst Control Center Graphics Previews Common
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{AF389D43-5DE7-39F6-947B-985F0F722E2F}" = CCC Help Spanish
"{AFE40488-240F-311D-65AB-C5081016DD5A}" = Catalyst Control Center Localization German
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B50A4BE8-906F-5E89-825D-7A194F77F915}" = Catalyst Control Center Localization Russian
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD69DAB8-E483-4E45-A052-16D1C360B67D}" = hppusgP2050
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010
"{C49EE0A6-96F1-D141-EFB8-525930D8E3F0}" = CCC Help Korean
"{C51975DE-6450-4B3A-908F-5CA91494B1D3}" = HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät
"{C5245592-6EB6-9D13-55FE-D360A9F5CC97}" = CCC Help Turkish
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDC072CD-AB8C-6958-DE84-6FA2236E973C}" = CCC Help German
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2D58C26-6BF8-5203-340E-190CF5B7E23B}" = CCC Help Dutch
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D86BEAB5-9A12-E681-2B27-14F45D78439E}" = Catalyst Control Center Graphics Full New
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DBBA3B20-3D85-6426-F00A-F8AFA81D581C}" = Catalyst Control Center Localization Polish
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DC905847-D537-427F-BF91-47CC7ACCDE58}" = ASUS FancyStart
"{DD2D3F4B-BF4F-85C9-1A0F-913D80407B2E}" = Catalyst Control Center Localization Finnish
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E3455E2A-A26D-0632-D088-6ACC10C1F9F8}" = CCC Help English
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EDC08986-48D6-41aa-BCE1-F63FDB63CF6D}" = GraphPad Prism 5 (Trial)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F2724B69-2CAF-E4F8-A05D-82D858970092}" = Catalyst Control Center Localization Chinese Standard
"{F2C6DD1F-B4ED-A876-8B1D-293A1760C1F8}" = CCC Help Russian
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Schnellzugriffe
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE875E53-A922-87D5-DF74-E030D41C54D7}" = Catalyst Control Center Core Implementation
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.3 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Chromas" = Chromas
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.Rhapsody.Napster5" = Napster 5.0 Beta
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"GraphPad InStat_is1" = GraphPad InStat 3 (Trial)
"HP Fotodruck-Programm" = HP Fotodruck-Programm
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.5
"Picasa 3" = Picasa 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Secure Eraser_is1" = Secure Eraser v4.0
"SopCast" = SopCast 3.5.0
"ST6UNST #1" = Langenscheidt Vokabeltrainer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TreeSize Free_is1" = TreeSize Free V2.7
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 2.0.0-rc1-20120129-0209
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.4
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.01.2012 17:42:08 | Computer Name = ***-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 17.01.2012 07:49:52 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 17.01.2012 16:03:36 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 18.01.2012 11:44:24 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 19.01.2012 15:55:35 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 20.01.2012 12:44:37 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 21.01.2012 05:04:14 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 21.01.2012 16:54:35 | Computer Name = ***-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 22.01.2012 04:16:13 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 23.01.2012 03:30:25 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 25.05.2012 08:37:47 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 25.05.2012 12:38:50 | Computer Name = ***-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 26.05.2012 04:50:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 26.05.2012 04:51:18 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 26.05.2012 07:32:38 | Computer Name = ***-PC | Source = Print | ID = 6161
Description = Das Dokument Windows Vista Viren? Dldr.small.ck; EXP/12-0507.AM.2 
... im Besitz von *** konnte nicht auf dem Drucker HP Officejet 6500 E710a-f
 gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie
 den Druckspooler erneut.   Datentyp: NT EMF 1.008. Größe der Spooldatei in Bytes:
 264932. Anzahl der gedruckten Bytes: 165152. Gesamtanzahl der Seiten des Dokuments:
 2. Anzahl der gedruckten Seiten: 1. Clientcomputer: \\***-PC. Vom Druckprozessor
 zurückgegebener Win32-Fehlercode: 0. Der Vorgang wurde erfolgreich beendet.  
 
Error - 26.05.2012 07:35:42 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 26.05.2012 07:41:14 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 26.05.2012 07:41:17 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 26.05.2012 10:41:16 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 26.05.2012 10:42:07 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >

4. ccleaner Programmliste

Code:

7-Zip 4.65		28.11.2011	3,13MB	
Adobe Acrobat 8.1.3 Professional	Adobe Systems	28.11.2011	1.265MB	8.1.3
Adobe AIR	Adobe Systems Incorporated	18.04.2012		3.2.0.2070
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	28.11.2011	2,95MB	10.0.32.18
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	04.05.2012		11.2.202.235
Adobe Media Player	Adobe Systems Incorporated	28.11.2011	2,95MB	1.1
Adobe Photoshop CS4	Adobe Systems Incorporated	28.11.2011		11.0
Adobe Reader X (10.1.1) - Deutsch	Adobe Systems Incorporated	25.10.2011	118,9MB	10.1.1
Amazon MP3-Downloader 1.0.9		13.01.2012	1,67MB	
Apple Application Support	Apple Inc.	19.08.2011	60,2MB	2.0.1
Apple Software Update	Apple Inc.	19.08.2011	2,38MB	2.1.3.127
ASUS CopyProtect	ASUS	10.04.2009	3,17MB	1.0.0007
ASUS Data Security Manager	ASUS	10.04.2009	11,3MB	1.00.0007
ASUS FancyStart	ASUSTeK Computer Inc.	10.04.2009	10,6MB	1.0.1
ASUS LifeFrame3	ASUS	10.04.2009	30,7MB	3.0.10
ASUS Live Update	ASUS	28.11.2011	0,46MB	2.5.6
ASUS Power4Gear eXtreme	ASUS	10.04.2009	7,14MB	1.0.19
ASUS SmartLogon	ASUS	10.04.2009	10,7MB	1.0.0006
ASUS Splendid Video Enhancement Technology	ASUS	10.04.2009	25,0MB	1.02.0021
ASUS Touch Pad Extra		28.11.2011	0,78MB	
Asus_Camera_ScreenSaver	ASUS	28.11.2011		2.0.0008
ATI Catalyst Install Manager	ATI Technologies, Inc.	10.04.2009	13,7MB	3.0.699.0
ATK Generic Function Service	ATK	10.04.2009	0,45MB	1.00.0008
ATK Hotkey	ATK	10.04.2009	6,07MB	1.00.0034
ATK Media	ASUS	10.04.2009	0,18MB	2.0.0000
ATKOSD2	ASUS	10.04.2009	7,28MB	7.0.0001
Avira AntiVir Personal - Free Antivirus	Avira GmbH	13.02.2012	77,8MB	10.2.0.707
Brother MFL-Pro Suite MFC-250C	Brother Industries, Ltd.	05.12.2010	3,79MB	1.1.8.0
CCleaner	Piriform	23.05.2012	2,73MB	3.18
Chromas		28.11.2011	0,74MB	
Compatibility Pack für 2007 Office System	Microsoft Corporation	20.05.2012		12.0.6612.1000
CyberLink BD_3D Advisor 2.0	CyberLink Corp.	27.01.2012	5,85MB	2.0.4606
CyberLink DVD Menu Template Pack	CyberLink Corp.	28.11.2011	389MB	2.0
CyberLink InstantBurn	CyberLink Corp.	28.11.2011	15,3MB	5.0.5509b
CyberLink LabelPrint	CyberLink Corp.	28.11.2011	86,4MB	2.0.2908
CyberLink Media Suite	CyberLink Corp.	28.11.2011	36,8MB	8.0.1126
CyberLink MediaShow	CyberLink Corp.	28.11.2011	262MB	5.0.1130a
CyberLink PhotoNow	CyberLink Corp.	28.11.2011	21,0MB	1.1.6904
CyberLink Power2Go	CyberLink Corp.	30.10.2011	122,2MB	6.0.1924
CyberLink PowerBackup	CyberLink Corp.	28.11.2011	38,5MB	2.6.1120
CyberLink PowerDVD 11	CyberLink Corp.	03.12.2011	248MB	11.0.2218.53
CyberLink PowerDVD 9	CyberLink Corp.	28.11.2011	215MB	9.0.4105.01
CyberLink PowerDVD Copy	CyberLink Corp.	28.11.2011	30,3MB	1.5.1120a
CyberLink PowerProducer	CyberLink Corp.	28.11.2011	152,3MB	5.0.2.2403
CyberLink WaveEditor	CyberLink Corp.	28.11.2011	24,4MB	1.0.1126
Dolby Control Center	Dolby	10.04.2009	75,5MB	1.2.0704
Express Gate	DeviceVM, Inc.	10.04.2009	745MB	1.0.3.2
FreePDF (Remove only)		28.11.2011	3,44MB	
GIMP 2.6.7		18.11.2009	38,1MB	
Google Earth Plug-in	Google	19.04.2012	48,8MB	6.2.2.6613
GPL Ghostscript 8.70		28.11.2011	22,9MB	
GraphPad InStat 3 (Trial)	GraphPad Software	24.06.2010	2,20MB	
GraphPad Prism 5 (Trial)	GraphPad Software	24.06.2010	44,1MB	5.03
HiJackThis	Trend Micro	22.10.2011	0,36MB	1.0.0
HP Customer Participation Program 10.0	HP	28.11.2011	28,5MB	10.0
HP Fotodruck-Programm		28.11.2011		
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät	Hewlett-Packard Co.	17.06.2011	143,3MB	22.0.334.0
HP Officejet 6500 E710a-f Hilfe	Hewlett Packard	17.06.2011	26,2MB	140.0.2.2
HP Update	Hewlett-Packard	17.06.2011	2,97MB	5.002.005.003
I.R.I.S. OCR	HP	17.06.2011	70,8MB	12.3.4
ISI ResearchSoft - Export Helper		28.11.2011		
Java(TM) 6 Update 31	Oracle	23.03.2012	95,1MB	6.0.310
Langenscheidt Vokabeltrainer		28.11.2011	348MB	
LightScribe System Software  1.14.17.1	LightScribe	10.04.2009	21,0MB	1.14.17.1
Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	18.04.2012	6,76MB	1.61.0.1400
Marketsplash Schnellzugriffe	Hewlett-Packard	17.06.2011	0,29MB	1.0.0.9
MediaMonkey 3.2	Ventis Media Inc.	27.11.2009	32,2MB	3.2
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	28.11.2011	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	28.11.2011	37,0MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	28.11.2011	120,3MB	4.0.30319
Microsoft Office File Validation Add-In	Microsoft Corporation	25.10.2011	7,92MB	14.0.5130.5003
Microsoft Office Live Add-in 1.5	Microsoft Corporation	25.05.2010	0,49MB	2.0.4024.1
Microsoft Office Outlook Connector	Microsoft Corporation	17.11.2009	6,14MB	12.0.6414.1000
Microsoft Office Professional Edition 2003	Microsoft Corporation	20.05.2012		11.0.8173.0
Microsoft Office XP Professional mit FrontPage	Microsoft Corporation	18.08.2011		10.0.6626.0
Microsoft Silverlight	Microsoft Corporation	20.05.2012		5.1.10411.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	17.11.2009	1,74MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	17.11.2009	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	18.08.2011	0,29MB	8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	17.11.2009	0,19MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	25.05.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	17.11.2009	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	18.08.2011	0,58MB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	21.03.2012	11,1MB	10.0.40219
Mobile Partner Manager	ZTE Corporation	04.06.2011	30,6MB	1.0.0.1
Mozilla Firefox 12.0 (x86 de)	Mozilla	28.04.2012	39,9MB	12.0
Mozilla Maintenance Service	Mozilla	28.04.2012	0,21MB	12.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	18.11.2009	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.11.2009	1,34MB	4.20.9876.0
Multimedia Card Reader	 	10.04.2009	0,17MB	1.01.0000.00
Napster 5.0 Beta	Rhapsody International Inc	07.05.2012	9,22MB	1.0.32
PDFCreator	Frank Heindörfer, Philip Chinery	12.03.2012	21,4MB	1.3.0
phonostar-Player Version 3.02.5		16.03.2012	31,0MB	
Picasa 3	Google, Inc.	28.11.2011	54,8MB	3.8
PixiePack Codec Pack	None	05.01.2010	16,4MB	1.1.400.0
QuickTime	Apple Inc.	19.08.2011	73,0MB	7.70.80.34
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	10.04.2009	22,1MB	6.0.1.5667
RedMon - Redirection Port Monitor		28.11.2011		
Reference Manager 12 Professional Edition	Thomson Reuters	30.11.2009		12.0.2.2703
Secure Eraser v4.0	ASCOMP Software GmbH	10.05.2012	10,6MB	
SiSoftware Sandra Lite 2010	SiSoftware	18.12.2009	67,0MB	16.11.2010.1
SopCast 3.5.0	www.sopcast.com	12.03.2012	9,14MB	3.5.0
Synaptics Pointing Device Driver	Synaptics	28.11.2011	13,7MB	10.1.8.0
Tool zum Entfernen verborgener Daten	Microsoft Corporation	06.01.2010	0,43MB	11.0.6361.0
TreeSize Free V2.7	JAM Software	04.05.2012	4,02MB	2.7
USB 2.0 1.3M UVC WebCam		28.11.2011		
Veetle TV	Veetle, Inc	10.05.2012	11,1MB	0.9.19
VLC media player 2.0.0-rc1-20120129-0209	VideoLAN	28.01.2012	73,1MB	2.0.0-rc1-20120129-0209
Vodafone Mobile Connect Lite	Vodafone	12.07.2011	32,4MB	9.4.4.17702
vShare.tv plugin 1.3	vShare.tv, Inc.	28.11.2011	0,58MB	1.3
Windows Live Essentials	Microsoft Corporation	28.11.2011	152,4MB	14.0.8050.1202
Windows Live ID-Anmelde-Assistent	Microsoft Corporation	25.05.2010	4,69MB	6.500.3165.0
Windows Live Sync	Microsoft Corporation	17.11.2009	2,80MB	14.0.8050.1202
Windows Live-Uploadtool	Microsoft Corporation	17.11.2009	0,22MB	14.0.8014.1029
Windows Media Player Firefox Plugin	Microsoft Corp	01.12.2009	0,29MB	1.0.0.8
WinFlash		28.11.2011	1,37MB	
Wireless Console 2	ATK	10.04.2009	2,12MB	2.0.10
Zattoo 3.3.4 Beta	Zattoo Inc.	28.11.2011	17,9MB	3.3.4 Beta
Zattoo4 4.0.4	Zattoo Inc.	28.11.2011	40,2MB	4.0.4

Gruß

[kira]

Systemreinigung und Prüfung:

1.
kannst löschen:

Code:

C:\Windows\tasks\hpwebreg_CN0BQ236QB05JZ.job

Windows Hilfe -> "Taskplaner" eingeben...
oder
um die Aufgabenplanung zu starten:
"Programme" -> "Zubehör" -> "Systemprogramme"
Alternativ auch [Win]+[R] drücken und den Befehl taskschd.msc eingeben
-> http://www.winfaq.de/faq_html/Conten...?h=tip2548.htm

2.

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

• Starte die OTL.exe.
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Kopiere folgendes Skript (unverändert inkl. :OTL):

Code:

:OTL


:Files
C:\Users\***\AppData\Roaming\BullGuard
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]

• und füge es hier ein:
• Schließe alle Programme.
• Klicke auf den Fix Button.
• Klick auf .
• OTL verlangt einen Neustart. Bitte zulassen.
• Nach dem Neustart findest Du ein Textdokument.
  Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

3.
Öffne CCleaner - Anleitung CCleaner

• "Cleaner"->"Analysieren"->Klick auf den Button "Start CCleaner"
• "Registry""Fehler suchen"-> "Fehler beheben"->"Alle beheben"
• Starte dein System neu auf

4.
Tipps (unabhängig davon ob man ihn benutzt oder nicht, muss gepfegt werden!):
->Tipps zu Internet Explorer
-> Standard Suchmaschine des Explorers ändern
-> Wie kann ich den Cache im Internet Explorer leeren?

5.
Systemreinigung und Prüfung:
Anleitung:-> Grundreinigung mit SUPERAntiSpyware
Achte darauf, eventuell angebotene Toolbar nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar (falls nötig), entfernen.

6.
♦ Schon seit langem gehört "Worm.Win32.Autorun" zu den beliebtesten Verbreitungswegen von Viren, sollte man daher, die auf dem Speichermedium gesicherten Daten (wie USB-Stick/Festplatte und andere) zeitweise prüfen lassen
-> Ext anschließbare Geräte (um die gesicherten Daten zu prüfen) miteinbeziehen:
♦ Also schließe jetzt alle externe Datenträgeran Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

7.
ESET Online Scanner
Prüfe Deinen Rechner jetzt, auf Viren, Trojaner, Würmer und anderen Schadcode, mit dem kostenlosen Online Virenscanner von Eset:

Achtung!:
Keinen andere Virenscanner auf Deinem PC installieren, sondern dein PC NUR online scannen!!!
♦ Prüfe Deinen Rechner jetzt, auf Viren, Trojaner, Würmer und anderen Schadcode, mit dem kostenlosen Online Virenscanner von:

► Eset/Nod32 bitte auswählen!!!-> Link und Anleitung zum ESET/NOD32 online Scanner-> Kostenlose Online Scanner

♦ Speichere und Poste bitte das Protokoll

8.
erneut einen Scan mit OTL: - ältere Logdateien löschen!

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
• Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

[siddharta01]

Ich habe bei der Entfernung der autorun.inf Dateien Schwierigkeiten gehabt: Flasdisinfector lief nicht- kann es sein, dass
das unter Vista nicht läuft? auch tweakui lief nicht. Habe nach allen autoruns gesucht und im editor geöffnet. Da ich nicht
genau wusste, was Verweise auf VBS sind und wie die aussehen, habe ich erst einmal keine autorun.inf gelöscht. Der Avira-guard
meckert auch immer noch über eine autorun.inf meiner neuen externen Festplatte.

Bei dem scan
mit eset war es komisch, dass die log-datei schon ca. 2 h vor dem Ende des scans erstellt wurde (konnte man an den Eigenschaften
der log-datei erkennen). Mein Rechner läuft ansonsten einwandfrei.

Hier die Ergebnisse der scans:

otl fix:

Code:

:OTL


:Files
C:\Users\***\AppData\Roaming\BullGuard
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]

2. superantispyware:

Code:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/27/2012 at 04:54 PM

Application Version : 5.0.1150

Core Rules Database Version : 8650
Trace Rules Database Version: 6462

Scan type       : Complete Scan
Total Scan Time : 01:41:48

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Administrator

Memory items scanned      : 857
Memory threats detected   : 0
Registry items scanned    : 35441
Registry threats detected : 0
File items scanned        : 70800
File threats detected     : 492

Adware.Tracking Cookie
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\GQ7EOC94.txt [ /zanox.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\OS7ZR6MT.txt [ /112.2o7.net ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\9M238TRL.txt [ /dyntracker.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\GGVF1O2Q.txt [ /ru4.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\TFSGZFDK.txt [ /account.napster.de ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Z5FL6WDI.txt [ /tracking.quisma.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\E9VMM25O.txt [ /ads.adk2.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\CRENQPVY.txt [ /pro-market.net ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\0DG02UWX.txt [ /ad.zanox.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\NYNNN7NM.txt [ /invitemedia.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\0QVXVWEH.txt [ /ad.yieldmanager.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\UZ1C94AP.txt [ /smartadserver.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\GWSUIWHL.txt [ /adbrite.com ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\AMW0HPKK.txt [ /tribalfusion.com ]
	C:\USERS\***\Cookies\GQ7EOC94.txt [ Cookie:***@zanox.com/ ]
	C:\USERS\***\Cookies\OS7ZR6MT.txt [ Cookie:***@112.2o7.net/ ]
	C:\USERS\***\Cookies\9M238TRL.txt [ Cookie:***@dyntracker.com/ ]
	C:\USERS\***\Cookies\GGVF1O2Q.txt [ Cookie:***@ru4.com/ ]
	C:\USERS\***\Cookies\TFSGZFDK.txt [ Cookie:***@account.napster.de/ ]
	C:\USERS\***\Cookies\Z5FL6WDI.txt [ Cookie:***@tracking.quisma.com/ ]
	C:\USERS\***\Cookies\NYNNN7NM.txt [ Cookie:***@invitemedia.com/ ]
	C:\USERS\***\Cookies\0QVXVWEH.txt [ Cookie:***@ad.yieldmanager.com/ ]
	C:\USERS\***\Cookies\UZ1C94AP.txt [ Cookie:***@smartadserver.com/ ]
	C:\USERS\***\Cookies\AMW0HPKK.txt [ Cookie:***@tribalfusion.com/ ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.stepstone.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.a.revenuemax.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.rambler.ru [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracking.sim-technik.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.gostats.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	fr.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	fr.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracking.klicktel.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.mediatum.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.deutschepostag.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.banners.victor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	nl.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	nl.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.pfizer.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.kontera.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	dc.tremormedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bwincom.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.skydeutschland.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.cpvadverts.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.cpvadverts.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.businessenhanced.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.businessenhanced.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.myroitracking.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	server.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.guj.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	gulfnews.advertserve.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracker.softgarden.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bettercareersearch.dl.mywebsearch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.utilitychest.dl.mywebsearch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.mywebsearch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adinterax.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adinterax.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.olympiaverlag.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.track.senzapudore.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	stat.easydate.biz [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	stat.ed.cupidplc.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracker.bmtsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adxpose.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.xm.xtendmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.account.frogster-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.www.mobildiscounter.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tradetracker.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	media.neodau.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	media.neodau.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	media.neodau.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	track.adcocktail.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.www.media970.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	edates.traffective-tracking.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	edates.traffective-tracking.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	edates.traffective-tracking.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.de.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	de.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ads2.bartime.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.uk.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revenuemantra.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.s.clickability.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.track.senzapudore.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.track.senzapudore.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.s.clickability.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.newsquestdigitalmedia.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.torstardigital.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.static.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	in.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tomtailor.dyntracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	e2.emediate.se [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.mindshare.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.dennispublishing.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.vogelservices.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.content.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adx2.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	counters.gigya.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bizrate.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjmikidzgco.stats.esomniture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	stat.dealtime.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.dealtime.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.adserver01.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.adserver01.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	partners.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	partners.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.mm.chitika.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.counter-gratis.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	s06.flagcounter.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.blogcounter.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	adserver.doccheck.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.wysistat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.blogads.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.blogads.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.lucidmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.netdebit-counter.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	www.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.de.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.rambler.ru [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	ad3.bannerbank.ru [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]
	.rambler.ru [ C:\USERS\*** STANDARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4BU58QIR.DEFAULT\COOKIES.SQLITE ]

3. eset: Dieses log-file wurde ca. 2 h erstellt, bevor der scanner fertig war. Da scheint also irgendwas nicht zu stimmen, oder?
In der Quarantäne waren aber ca. 8 Dateien verschoben.

Code:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

4. otl:

Code:

OTL logfile created on: 28.05.2012 12:19:16 - Run 3
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 66,91% Memory free
6,20 Gb Paging File | 4,84 Gb Available in Paging File | 78,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 136,68 Gb Free Space | 58,69% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 119,14 Gb Free Space | 53,87% Space Free | Partition Type: NTFS
Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 455,05 Gb Free Space | 97,70% Space Free | Partition Type: NTFS
Drive G: | 1,90 Gb Total Space | 1,09 Gb Free Space | 57,10% Space Free | Partition Type: FAT
Drive H: | 3,68 Gb Total Space | 3,62 Gb Free Space | 98,29% Space Free | Partition Type: FAT32
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\phonostar-Player\phonostarTimer.exe ()
PRC - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Mobile Partner Manager\AssistantServices.exe ()
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Windows\ASScrPro.exe ()
PRC - C:\Windows\System32\wercon.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\ASUS.SYS\DVMExportService.exe (DeviceVM)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\HControlUser.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Windows\System32\ASUSTPE.exe (ASUS)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
PRC - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files\phonostar-Player\phonostarTimer.exe ()
MOD - C:\Program Files\ASCOMP Software\Secure Eraser\SecEraser32.dll ()
MOD - C:\Windows\ASScrPro.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3219.36943__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3219.37086__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3219.36921__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3219.36946__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3219.37053__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3219.37023__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3219.36938__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3219.36998__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3219.36931__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3219.37088__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3219.36930__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3219.37031__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3219.37085__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3219.37032__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3219.37030__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3219.37084__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3219.37002__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3219.36933__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3219.36948__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3219.36993__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3219.37044__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3219.37021__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3219.36954__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3219.36947__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3219.37017__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3219.37001__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3219.36998__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3219.36953__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3219.37016__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3219.37020__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3219.37000__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3219.37000__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3184.27483__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3184.27484__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3184.27511__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3184.27491__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3184.27510__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3184.27511__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3184.27506__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3184.27509__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3184.27533__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3184.27501__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3184.27485__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3184.27517__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3184.27528__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3184.27520__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3184.27509__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3184.27567__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3184.27527__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3184.27516__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3184.27519__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3184.27503__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3184.27499__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3184.27492__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3184.27514__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3184.27512__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3184.27498__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3184.27515__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3184.27513__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3184.27518__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3184.27510__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3184.27508__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3184.27499__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3219.37103__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3219.37116__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3219.36917__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3219.37066_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.resources\2.0.3219.36926_de_90ba9c70f846762e\CLI.Component.Dashboard.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3219.36926__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3219.37066__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3219.36937__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3219.37076__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3219.36918__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3219.37072__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3219.36920__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3184.27505__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3184.27496__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3184.27493__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3184.27510__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3184.27504__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3184.27488__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3219.36919__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3219.36914__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3219.36916__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3219.37075__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3184.27521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\ATK Hotkey\HControlUser.exe ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Program Files\ATK Hotkey\MsgTran.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNFPS.DLL ()
MOD - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (CyberLink PowerDVD 11.0 Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe (CyberLink)
SRV - (CyberLink PowerDVD 11.0 Monitor Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
SRV - (CLHNServiceForPowerDVD) -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (UI Assistant Service) -- C:\Program Files\Mobile Partner Manager\AssistantServices.exe ()
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe (SiSoftware)
SRV - (MDES) -- C:\ASUS.SYS\DVMExportService.exe (DeviceVM)
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (RMWPService) -- C:\Program Files\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe (Apache Software Foundation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SRTSPX) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found
DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS File not found
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ntk_PowerDVD) -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys (Cyberlink Corp.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (CLBUDF) -- C:\Windows\System32\drivers\CLBUDF.sys (CyberLink Corporation.)
DRV - (CLBStor) -- C:\Windows\System32\drivers\CLBStor.sys (Cyberlink Co.,Ltd.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys (SiSoftware)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (CRFILTER) -- C:\Windows\System32\drivers\CRFILTER.sys (Generic)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files\phonostar-Player\npphonostarDetectNP.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.22 13:03:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.22 13:03:06 | 000,000,000 | ---D | M]
 
[2009.11.18 05:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.05.24 10:21:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions
[2012.05.23 11:00:04 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.04.28 17:03:04 | 000,000,000 | ---D | M] (Biobar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{3e559c3c-4aad-4168-bd47-e1056298df8e}
[2012.05.20 01:11:45 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.04.28 17:09:22 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2011.10.31 02:41:37 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\f5pzbxqc.default\extensions\welcome@toolmin.com
[2012.03.17 15:28:29 | 000,002,412 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\f5pzbxqc.default\searchplugins\Linkury Smartbar Search.xml
[2012.04.29 12:20:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.05.20 01:11:44 | 000,061,219 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012.01.23 09:52:31 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012.01.02 22:25:30 | 000,195,719 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
[2011.12.04 21:35:41 | 000,101,213 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\LINKALERT.CONLAN@ADDONS.MOZILLA.COM.XPI
[2012.03.04 22:30:51 | 000,325,600 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
[2012.05.24 10:21:50 | 000,020,892 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F5PZBXQC.DEFAULT\EXTENSIONS\STUCKER@BIOLEGEND.COM.XPI
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.24 14:06:08 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
 
O1 HOSTS File: ([2009.11.21 04:04:40 | 000,357,056 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.123topsearch.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	www.132.com
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 127.0.0.1	136136.net
O1 - Hosts: 127.0.0.1	www.163ns.com
O1 - Hosts: 12248 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [phonostar-PlayerTimer] C:\Program Files\phonostar-Player\phonostarTimer.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI832F~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EB7E767-3A5F-45DC-A8CF-47F492C56E50}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1A1FAB5-C100-42A4-8AF6-08E25A0B5C56}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.19 10:47:05 | 000,008,192 | ---- | M] (Microsoft) - F:\AutoOff.exe -- [ NTFS ]
O32 - Unable to obtain root file information for disk F:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.28 04:30:54 | 000,000,000 | -H-D | C] -- C:\dvmexp
[2012.05.27 22:27:48 | 000,266,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TweakUI.exe
[2012.05.27 22:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Powertoys for Windows XP
[2012.05.27 15:07:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SUPERAntiSpyware.com
[2012.05.27 15:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.05.26 13:35:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.05.24 19:13:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.05.23 12:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\BullGuard
[2012.05.21 11:33:22 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.05.21 11:33:22 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.05.21 11:33:21 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.05.21 11:33:21 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.05.21 11:33:21 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.05.21 11:30:46 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.05.21 11:30:46 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.05.21 11:30:46 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.05.11 20:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2012.05.11 19:11:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ASCOMP Software
[2012.05.11 19:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
[2012.05.11 19:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\ASCOMP Software
[2012.05.08 18:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\Napster 5.0
[2012.05.05 10:13:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\JAM Software
[2012.05.05 10:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
[2012.05.05 10:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2012.04.28 16:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.28 16:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.28 12:08:02 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.28 12:08:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.28 12:08:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.28 12:08:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.28 12:02:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.28 12:02:12 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2012.05.28 12:01:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.28 12:01:58 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.28 12:01:57 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.28 04:34:19 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.05.28 04:30:47 | 000,002,467 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2012.05.28 04:30:27 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.27 17:10:56 | 000,000,445 | ---- | M] () -- C:\Users\***\Desktop\findfile.bat
[2012.05.27 15:06:30 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.05.27 14:37:00 | 000,000,206 | ---- | M] () -- C:\Users\***\Documents\cc_20120527_143658.reg
[2012.05.27 14:36:37 | 000,039,922 | ---- | M] () -- C:\Users\***\Documents\cc_20120527_143631.reg
[2012.05.27 14:31:59 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.05.26 19:03:57 | 002,008,032 | ---- | M] () -- C:\Users\***\Desktop\Zattoo-4.0.5.exe
[2012.05.26 19:03:09 | 000,017,408 | ---- | M] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2012.05.25 15:48:04 | 000,002,657 | ---- | M] () -- C:\Users\***\Desktop\HiJackThis.lnk
[2012.05.24 19:31:25 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\hee04u9t.exe
[2012.05.24 19:13:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.05.24 14:04:16 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.21 13:21:23 | 002,365,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.11 19:11:26 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Secure Eraser.lnk
[2012.05.08 18:39:01 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Napster 5.0.lnk
[2012.05.05 10:41:19 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.05 10:41:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.05.05 10:13:27 | 000,001,021 | ---- | M] () -- C:\Users\***\Desktop\TreeSize Free.lnk
[2012.04.29 12:20:04 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.27 22:27:48 | 000,160,217 | ---- | C] () -- C:\Windows\System32\PowerToysLicense.rtf
[2012.05.27 17:10:56 | 000,000,445 | ---- | C] () -- C:\Users\***\Desktop\findfile.bat
[2012.05.27 15:06:30 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.05.27 14:36:59 | 000,000,206 | ---- | C] () -- C:\Users\***\Documents\cc_20120527_143658.reg
[2012.05.27 14:36:33 | 000,039,922 | ---- | C] () -- C:\Users\***\Documents\cc_20120527_143631.reg
[2012.05.26 19:03:51 | 002,008,032 | ---- | C] () -- C:\Users\***\Desktop\Zattoo-4.0.5.exe
[2012.05.24 19:31:23 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\hee04u9t.exe
[2012.05.11 19:11:26 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Secure Eraser.lnk
[2012.05.05 10:13:27 | 000,001,021 | ---- | C] () -- C:\Users\***\Desktop\TreeSize Free.lnk
[2012.01.28 16:17:50 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2011.10.22 15:30:29 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.05.26 12:13:27 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.06 17:15:55 | 000,000,410 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010.12.06 17:15:55 | 000,000,162 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010.12.06 17:15:17 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.12.06 17:15:17 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.12.06 17:10:46 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2010.12.06 17:06:47 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2010.08.23 12:40:56 | 000,000,020 | ---- | C] () -- C:\Windows\Hposcv07.INI
[2010.06.25 10:07:02 | 000,000,110 | -H-- | C] () -- C:\ProgramData\obid31
[2010.06.25 10:02:44 | 000,000,016 | -H-- | C] () -- C:\ProgramData\obtf503

< End of report >

Code:

OTL Extras logfile created on: 28.05.2012 12:19:16 - Run 3
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 66,91% Memory free
6,20 Gb Paging File | 4,84 Gb Available in Paging File | 78,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 136,68 Gb Free Space | 58,69% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 119,14 Gb Free Space | 53,87% Space Free | Partition Type: NTFS
Drive E: | 439,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 455,05 Gb Free Space | 97,70% Space Free | Partition Type: NTFS
Drive G: | 1,90 Gb Total Space | 1,09 Gb Free Space | 57,10% Space Free | Partition Type: FAT
Drive H: | 3,68 Gb Total Space | 3,62 Gb Free Space | 98,29% Space Free | Partition Type: FAT32
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft OfficeXp\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft OfficeXp\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLCblueray\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLCblueray\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00314F2A-E40A-4061-87F5-CE2FF1D99872}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{08988F40-DF08-44A5-B64A-85C4CA27078C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{0F311C91-4EAC-4A53-B3DD-64B67F1CDD72}" = rport=445 | protocol=6 | dir=out | app=system | 
"{21982B59-3185-483E-9B3B-1DE1201C41D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{24472726-077A-481D-B9F3-5CBE68B81589}" = lport=138 | protocol=17 | dir=in | app=system | 
"{39B62F5F-0BBC-444D-B60B-A129D94A2649}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{3C53F47E-AD5E-470C-91D7-5F8CD593CA93}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{49856363-5B4E-45BD-B934-56A1A1E4D4F9}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{60E20FA4-471F-493B-AC53-7EBC70497B8D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{61A3CB33-73B2-42CD-AD55-0F92A7D512CE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{6227544C-3A9C-48D1-8E95-0DC08BA9026D}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{69C1105B-B2D2-4348-9E68-991EAB7808D9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{6D115A2A-D13B-430B-8C09-0EFDD6CAAB9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8A010C35-ACAE-4CBB-A3EC-E55C042811BC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8C3C01BA-7032-4CA8-938C-3FADB5995A39}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\rpcagentsrv.exe | 
"{A3035336-7A73-4F0C-BD03-E03647156D35}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A95C92B4-1A6C-4AB0-A9B4-D9DEC7A60E21}" = rport=137 | protocol=17 | dir=out | app=system | 
"{AD2C0C0A-01A2-48F7-8419-7CDA655440F1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{B8C47D09-9FE9-4093-A9C9-724A5EC5841D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C680A807-3466-42EE-A88B-AFB24A4DFDCE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{C72E63FF-C52F-448E-878F-451ED3916170}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C87BD488-31B4-476C-A773-0755D334339B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CD1283B9-6447-4A20-BF94-D271930AF98F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{D0531F20-AD3C-4D02-890C-B7DD44494710}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{D382D1FD-B4C1-4082-8862-32BCD31B07CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D43ED587-120B-4A1E-BC79-11388A3650B5}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D4695925-1440-4497-AAA4-56AB48C146B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E9DC357D-9DF6-4E4B-838E-CEB7D4B5EA07}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F436C566-AA9E-4C14-A01B-7ACD2D506BD6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{F8DF85B2-EB8D-4FE9-B8D2-1D63203CF71D}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{072B4045-623C-48E5-A7D6-DAB65CB2BE76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{08A42082-FF43-4826-A31A-A59B61AB9FAE}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe | 
"{0AEB36D3-C19C-455F-9A06-835C53C224B3}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe | 
"{0F453290-670C-4DBC-8B04-74315407BA72}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe | 
"{10422751-A2B5-401E-ADB4-40FF76DBDDC8}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{1A782211-F135-49B3-B975-926CA5864872}" = dir=in | app=c:\program files\cyberlink\powerdvd11\powerdvd11.exe | 
"{225C00AE-1BFB-407D-9E90-905D01723B30}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{2732CF4D-CD62-4A99-AA4F-F74D4EBD77F6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2BFA74AB-3967-40D7-BF55-D8BFD53B8C4F}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{2C9BC4DC-5763-49AD-8AC1-080E9C37EF1D}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{30F49C9E-FD9D-40D4-B6CA-F7489D8F9FD5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{3AEBAD32-3F28-481B-9A53-24771732FD6A}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{40A3B424-2CB9-41BC-A85B-0F3DABF2674B}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{410DDD05-8537-4C22-AC23-3B4B806EB11E}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{59407F72-ECB6-4070-8BB8-7B61BB47374A}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{715EA083-68C8-4E5E-9CE3-83D5F05F8028}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{75BD6FCE-F412-4979-A36C-BE77C14433B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{80D7A3F0-C170-4D34-B66B-A75B03701099}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{89A89B76-8C53-4174-BEB1-662D74570C2F}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{97257A9E-B9FF-46BA-8165-BBCA5287718B}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"{9D4F2DB8-9A10-4389-9129-05910538F54A}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\rpcagentsrv.exe | 
"{9EFE1365-79AA-48B5-8D06-E334089EE72E}" = dir=in | app=c:\program files\cyberlink\powerdvd11\common\mediaserver\clmsserverforpdvd11.exe | 
"{9F570117-2525-4AE7-9927-B3BC069EC6A7}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe | 
"{A07D750D-641B-4AD0-9EFC-255728B56D0D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{A2B83277-13C5-4810-BE3A-97F819BB10B8}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{AAEC1112-DBB8-413B-B9CA-DE04D9F06A01}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\powerdvd cinema\powerdvdcinema11.exe | 
"{B20F92DF-721B-42A0-A83F-D3E5EBD497C6}" = dir=in | app=c:\program files\cyberlink\powerdvd11\pdvd11serv.exe | 
"{C0077E66-9DA5-41BB-AA53-635DEEDB8195}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D52EB0A4-6EB2-403C-A245-339415BE5262}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{E9C3C253-D212-40FC-884D-04B7CA9E2FCC}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe | 
"{ED51510F-53B3-452B-84C3-5275BD9299F1}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010\wnt500x86\rpcsandrasrv.exe | 
"TCP Query User{0B923A8C-5BC0-400E-90DC-4B29703A00AA}C:\users\***\appdata\local\radiosure\radiosure.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\radiosure\radiosure.exe | 
"TCP Query User{36E5536E-CD2C-4474-B1F9-84B4031A0174}C:\program files\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"TCP Query User{45E9E4AA-03BF-4891-8B61-E6411E4B5917}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{5CBD3EB1-97CB-4E98-9227-A3B6C91AD461}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{5D629FDB-23B0-427C-B520-D622676C8C29}C:\program files\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"TCP Query User{5EEBFFC4-C897-4D31-9F3E-96522A625A67}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{636E678C-F991-4D9D-A020-710B09233778}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{751D1AFC-BAC0-4A6F-AA70-2F40970339E0}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{AAFAAF42-C900-4E89-8DBA-5029F74D7C72}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{D1BDA1B4-7A6B-4C85-B65B-2E1FCD8C32C5}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{E452B15D-5D13-4CB9-84C5-EFC4D9C1BF9B}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{F887FA42-BE85-4B99-A7C9-BDEB26FC52D3}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{023EE6BC-E56A-487C-93F8-713B414F8B97}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{05CA6B36-F35A-4529-AC63-ABEE008EDA55}C:\program files\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"UDP Query User{1188CCB1-97A3-4366-936C-ABDEB4A4AE6C}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{20449CDB-278E-45C5-B010-D1B31CF0C054}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{226843DE-23E4-4553-AC72-461023575057}C:\program files\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe | 
"UDP Query User{348FF0AD-641E-4BA2-A33A-592F9A5F4DC2}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{38EB0727-1270-4997-9229-4CEAA7BE74A1}C:\users\***\appdata\local\radiosure\radiosure.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\radiosure\radiosure.exe | 
"UDP Query User{781C8710-6AE4-4559-83FF-D3C3D3F87D73}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{8398616B-67F4-48CA-86A9-783F6D81B276}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{B8FDE6B0-4922-4F33-86BC-C20F58C70B22}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{C1F20795-F047-4755-8EEC-20A1957914FC}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{E6AC3C4D-9A87-435E-8BE0-8BCBC4EF638E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005B94DC-2954-CC01-27C4-2D369D037EE0}" = CCC Help Polish
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{024AA2AC-FFA9-1806-6BB5-B7725E81B133}" = CCC Help Greek
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{067CA42C-B66D-9995-041D-39A998AC0DB9}" = CCC Help Japanese
"{078B7B83-4F8E-30F3-1F6C-27CB7A58B34F}" = CCC Help Portuguese
"{07AD1E36-8AF3-54AA-3ADF-757FF315BA0B}" = Catalyst Control Center Graphics Previews Vista
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0849C3F0-2084-8CBF-3C7C-ADBBE2F4C885}" = Catalyst Control Center InstallProxy
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0C3D4387-58C3-03FA-9250-E80587ED1970}" = Catalyst Control Center Localization French
"{0C8EBB00-4909-459C-8347-B2068B7F0319}" = CyberLink DVD Menu Template Pack
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{0EE024E4-7A22-5C59-CB86-D2163B4A5940}" = Catalyst Control Center Graphics Full Existing
"{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}" = Dolby Control Center
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12E6E331-91E3-2964-5E42-FD5101EC1924}" = Skins
"{13303431-D0FE-AA95-BEBB-DD936E89129D}" = CCC Help French
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{179AF346-87A7-047D-3034-08D379B06512}" = Catalyst Control Center Localization Danish
"{180C2A98-E757-3FE1-9118-3106F696AD64}" = CCC Help Finnish
"{1821904F-DAD2-ADF5-8F1C-32AA87DA9099}" = CCC Help Thai
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1B003CCD-DD4C-C45A-5E64-CF2F677735E4}" = Catalyst Control Center Localization Hungarian
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20E2C98F-37F6-3AEE-3EEB-0817E40C1B5E}" = Catalyst Control Center Localization Thai
"{214B35FA-D554-BA98-C46D-8543CE723D59}" = Catalyst Control Center Localization Turkish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23990464-BE2A-1041-2436-A9EA742B84D4}" = Catalyst Control Center Graphics Light
"{24638AD1-5F7E-9900-147E-B3EEA1B84EAE}" = Napster 5.0 Beta
"{2480C7AD-DD7D-26B4-E4A0-04CAC853ADAF}" = Catalyst Control Center Localization Greek
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28F5F2A0-6A42-FB10-9468-8218592804A6}" = CCC Help Italian
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{2F8C0EC4-ECCE-35D3-163D-B1BE983C902E}" = Catalyst Control Center Localization Japanese
"{308A38F5-3061-64FE-698C-9E30BE7AE7F4}" = Catalyst Control Center Localization Dutch
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B93E3B-991E-0E7E-DD8E-F5836622397F}" = ATI Catalyst Install Manager
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{39758F7A-E763-917E-E7BE-081561D0D9AB}" = CCC Help Norwegian
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite MFC-250C
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3B939E1F-6E91-D459-1876-685B0C152704}" = Catalyst Control Center Localization Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4DD0A3FE-82C3-3DF4-019F-2F1F71032830}" = ccc-core-static
"{58C613C0-74A9-2753-FDDB-7E250DA1A775}" = CCC Help Chinese Standard
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{62CF8923-31DC-4285-A23C-17CE5AA6A679}" = Express Gate
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64F12E84-C845-6131-ACC4-71E884E58D32}" = Catalyst Control Center Localization Italian
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B8C292E-38D1-70BC-200B-08A855200B56}" = Catalyst Control Center Localization Chinese Traditional
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73E17E13-EE46-1D1A-7240-C9B17FA07A58}" = CCC Help Hungarian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7DE5AA66-A8CE-8689-2A1A-C7D679EDD038}" = CCC Help Chinese Traditional
"{804EC25F-031C-692F-9FEF-F9EC6E9A5BFF}" = CCC Help Swedish
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88E9BEAC-B245-9C4E-C4F0-F5D8918CF8E8}" = CCC Help Czech
"{89B6F63A-7E0C-424A-9D39-C4EF59E96D78}" = hppQFolderP2050
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCAC105-C501-41F9-AED1-587024ABCA8C}" = Reference Manager 12 Professional Edition
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90F80407-6000-11D3-8CFE-0150048383C9}" = Tool zum Entfernen verborgener Daten
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{94F29521-B6BB-ADBF-183A-4DEFD1CB123A}" = Catalyst Control Center Localization Korean
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{958B08B0-C784-4A77-8D2B-C0A58F1E14B5}" = HP Officejet 6500 E710a-f Hilfe
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{976AF33B-E8BB-968F-D2E9-2956ECCDB695}" = Catalyst Control Center Localization Spanish
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A01320F-7C1D-8B61-B96D-6F62C0662B62}" = Catalyst Control Center Localization Norwegian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A13F629F-58F2-4820-81AC-356956B4AF08}" = CCC Help Danish
"{A5B8FB6E-2D93-EA96-41D2-0A8DE245463E}" = ccc-utility
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8AE28A8-7A3C-DA73-B71B-F0E1E934184F}" = Catalyst Control Center Localization Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AC18C2B2-32A3-1405-4404-7A299E804D53}" = Catalyst Control Center Localization Czech
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACA1C809-F50A-B6EA-B7AE-D1E46ABDDF15}" = Catalyst Control Center Graphics Previews Common
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{AF389D43-5DE7-39F6-947B-985F0F722E2F}" = CCC Help Spanish
"{AFE40488-240F-311D-65AB-C5081016DD5A}" = Catalyst Control Center Localization German
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B50A4BE8-906F-5E89-825D-7A194F77F915}" = Catalyst Control Center Localization Russian
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD69DAB8-E483-4E45-A052-16D1C360B67D}" = hppusgP2050
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010
"{C49EE0A6-96F1-D141-EFB8-525930D8E3F0}" = CCC Help Korean
"{C51975DE-6450-4B3A-908F-5CA91494B1D3}" = HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät
"{C5245592-6EB6-9D13-55FE-D360A9F5CC97}" = CCC Help Turkish
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDC072CD-AB8C-6958-DE84-6FA2236E973C}" = CCC Help German
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2D58C26-6BF8-5203-340E-190CF5B7E23B}" = CCC Help Dutch
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D86BEAB5-9A12-E681-2B27-14F45D78439E}" = Catalyst Control Center Graphics Full New
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DBBA3B20-3D85-6426-F00A-F8AFA81D581C}" = Catalyst Control Center Localization Polish
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DC905847-D537-427F-BF91-47CC7ACCDE58}" = ASUS FancyStart
"{DD2D3F4B-BF4F-85C9-1A0F-913D80407B2E}" = Catalyst Control Center Localization Finnish
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E3455E2A-A26D-0632-D088-6ACC10C1F9F8}" = CCC Help English
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EDC08986-48D6-41aa-BCE1-F63FDB63CF6D}" = GraphPad Prism 5 (Trial)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F2724B69-2CAF-E4F8-A05D-82D858970092}" = Catalyst Control Center Localization Chinese Standard
"{F2C6DD1F-B4ED-A876-8B1D-293A1760C1F8}" = CCC Help Russian
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Schnellzugriffe
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE875E53-A922-87D5-DF74-E030D41C54D7}" = Catalyst Control Center Core Implementation
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.3 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Chromas" = Chromas
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.Rhapsody.Napster5" = Napster 5.0 Beta
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"GraphPad InStat_is1" = GraphPad InStat 3 (Trial)
"HP Fotodruck-Programm" = HP Fotodruck-Programm
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.5
"Picasa 3" = Picasa 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Secure Eraser_is1" = Secure Eraser v4.0
"SopCast" = SopCast 3.5.0
"ST6UNST #1" = Langenscheidt Vokabeltrainer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TreeSize Free_is1" = TreeSize Free V2.7
"Tweak UI 2.10" = Tweak UI
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 2.0.0-rc1-20120129-0209
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.4
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.01.2012 17:42:08 | Computer Name = ***-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 17.01.2012 07:49:52 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 17.01.2012 16:03:36 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 18.01.2012 11:44:24 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 19.01.2012 15:55:35 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 20.01.2012 12:44:37 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 21.01.2012 05:04:14 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 21.01.2012 16:54:35 | Computer Name = ***-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 22.01.2012 04:16:13 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 23.01.2012 03:30:25 | Computer Name = ***-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 27.05.2012 08:40:00 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 27.05.2012 08:41:19 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 27.05.2012 10:59:37 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 27.05.2012 11:01:50 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 27.05.2012 12:40:12 | Computer Name = ***-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 27.05.2012 14:28:34 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 27.05.2012 14:29:52 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 27.05.2012 22:32:04 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 27.05.2012 22:33:54 | Computer Name = ***-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 28.05.2012 01:46:19 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7034
Description = 
 
 
< End of report >

hier das Ergebnis der Suche nach autorun.inf :

Code:

 Datentr„ger in Laufwerk C: ist VistaOS
 Volumeseriennummer: 6E09-E1D4

 Verzeichnis von C:\HP_P2050_Default_Install_4.0

21.05.2009  19:40           608.181 autorun.inf
               1 Datei(en),        608.181 Bytes

 Verzeichnis von C:\Program Files\Adobe\Adobe Photoshop CS4\Scripting\Sample Scripts\VBScript

19.09.2008  03:07             2.012 ApplyStyle.vbs
19.09.2008  03:07             4.684 BatchProcess.vbs
19.09.2008  03:07             2.333 ClipboardInteraction.vbs
19.09.2008  03:07             2.320 CreateAndExecuteAction.vbs
19.09.2008  03:07             1.307 CreateNewTextArt.vbs
19.09.2008  03:07             2.366 Crop.vbs
19.09.2008  03:07               589 DocumentByName.vbs
19.09.2008  03:07             1.860 DuplicateLayers.vbs
19.09.2008  03:07             2.473 ExecuteAction.vbs
19.09.2008  03:07               508 ExecuteJavaScript.vbs
19.09.2008  03:07             2.692 Filters.vbs
19.09.2008  03:07             2.404 HistoryState.vbs
19.09.2008  03:07             1.520 OpenDocument.vbs
19.09.2008  03:07             3.657 SaveAsFormats.vbs
19.09.2008  03:07             2.304 Selection.vbs
19.09.2008  03:07             1.880 SelectionEffects.vbs
19.09.2008  03:07             3.959 TextArt.vbs
19.09.2008  03:07             2.624 TextArtCenter.vbs
19.09.2008  03:07             1.819 Trim.vbs
              19 Datei(en),         43.311 Bytes

 Verzeichnis von C:\Program Files\Common Files\Adobe\Bridge CS4 Extensions\Adobe Output Module\mediagallery\resources\flashgallery

07.05.2008  10:29                48 AUTORUN.inf
               1 Datei(en),             48 Bytes

 Verzeichnis von C:\Program Files\GIMP-2.0\share\gimp\2.0\brushes

14.08.2009  01:13                79 Calligraphic-Brush-0.vbr
14.08.2009  01:13                82 Calligraphic-Brush-1.vbr
14.08.2009  01:13                82 Calligraphic-Brush-2.vbr
14.08.2009  01:13                81 Calligraphic-Brush-3.vbr
14.08.2009  01:13                71 Circle-1.vbr
14.08.2009  01:13                71 Circle-11.vbr
14.08.2009  01:13                71 Circle-13.vbr
14.08.2009  01:13                71 Circle-15.vbr
14.08.2009  01:13                71 Circle-17.vbr
14.08.2009  01:13                71 Circle-19.vbr
14.08.2009  01:13                71 Circle-3.vbr
14.08.2009  01:13                71 Circle-5.vbr
14.08.2009  01:13                71 Circle-7.vbr
14.08.2009  01:13                71 Circle-9.vbr
14.08.2009  01:13                77 Circle-Fuzzy-11.vbr
14.08.2009  01:13                77 Circle-Fuzzy-13.vbr
14.08.2009  01:13                77 Circle-Fuzzy-15.vbr
14.08.2009  01:13                77 Circle-Fuzzy-17.vbr
14.08.2009  01:13                77 Circle-Fuzzy-19.vbr
14.08.2009  01:13                77 Circle-Fuzzy-3.vbr
14.08.2009  01:13                77 Circle-Fuzzy-5.vbr
14.08.2009  01:13                77 Circle-Fuzzy-7.vbr
14.08.2009  01:13                77 Circle-Fuzzy-9.vbr
14.08.2009  01:13                89 Diagonal-Star-11.vbr
14.08.2009  01:13                89 Diagonal-Star-17.vbr
14.08.2009  01:13                90 Diagonal-Star-25.vbr
              26 Datei(en),          1.995 Bytes

 Verzeichnis von C:\Program Files\HP\Digital Imaging\{6F801026-6AF0-4520-9153-4C9B4CAAB361}

21.05.2009  19:40           608.181 autorun.inf
               1 Datei(en),        608.181 Bytes

 Verzeichnis von C:\Program Files\HP\Temp\{6F801026-6AF0-4520-9153-4C9B4CAAB361}

21.05.2009  19:40           608.181 autorun.inf
               1 Datei(en),        608.181 Bytes

 Verzeichnis von C:\Program Files\MediaMonkey\Scripts

21.08.2009  00:58             2.143 AutoIncTrackN.vbs
21.08.2009  00:58            17.308 Case.vbs
23.10.2009  02:32            17.551 Export.vbs
21.08.2009  00:58             3.274 ExportM3Us.vbs
21.08.2009  00:58             2.434 ExportOPML.vbs
21.08.2009  00:58             1.741 MediaMonkey init.vbs
21.08.2009  00:58            67.348 Stats.vbs
21.08.2009  00:58               672 SwapArtistTitle.vbs
               8 Datei(en),        112.471 Bytes

 Verzeichnis von C:\Program Files\PDFCreator\COM\Dot Net\VS2005\Visual Basic\Sample1

13.12.2009  13:25               510 AssemblyInfo.vb
21.12.2009  10:26            10.901 Form1.vb
13.12.2009  13:30             4.755 Sample1.vbproj
               3 Datei(en),         16.166 Bytes

 Verzeichnis von C:\Program Files\PDFCreator\COM\Dot Net\VS2005\Visual Basic\Sample2

13.12.2009  13:46               510 AssemblyInfo.vb
21.12.2009  10:26             7.436 Form1.vb
13.12.2009  13:43             4.842 Sample2.vbproj
               3 Datei(en),         12.788 Bytes

 Verzeichnis von C:\Program Files\PDFCreator\COM\VB6\Sample1

13.12.2009  14:23               937 Sample1.vbp
               1 Datei(en),            937 Bytes

 Verzeichnis von C:\Program Files\PDFCreator\COM\VB6\Sample2

13.12.2009  14:31               962 Sample2.vbp
               1 Datei(en),            962 Bytes

 Verzeichnis von C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts

14.01.2008  14:50             4.931 CombineAndAddBookmarks.vbs
14.01.2008  14:50             3.467 CombineJobs.vbs
14.01.2008  14:50            14.324 CompareColorCompressionModes.vbs
22.12.2009  23:10             3.002 Convert2PDF.vbs
14.01.2008  14:50             3.138 Convert2PDFAndPrint.vbs
14.01.2008  14:50             3.025 Convert2TIFF.vbs
14.01.2008  14:50             2.991 Convert2TXT.vbs
10.08.2008  21:31             2.055 ConvertJPEG2PDF.vbs
14.01.2008  14:50             3.357 GhostscriptDirect.vbs
14.01.2008  14:50             3.682 GUI.vbs
14.01.2008  14:50             1.878 PS2PDF.vbs
15.01.2008  13:18             1.420 SaveOptionsToFile.vbs
14.01.2008  14:50             3.104 ShowLogfile.vbs
14.01.2008  14:50             4.155 ShowOptions.vbs
14.01.2008  14:50             4.518 TestCompression1.vbs
14.01.2008  14:50             4.449 TestCompression2.vbs
14.01.2008  14:50             2.998 TestCompression3.vbs
14.01.2008  14:50             1.284 TestEvents.vbs
14.01.2008  14:50             2.261 Testpage2PDF.vbs
15.10.2008  23:49             2.710 Testpage2PDFSendEmail.vbs
06.05.2009  23:05             2.529 URL2PDF.vbs
              21 Datei(en),         75.278 Bytes

 Verzeichnis von C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving

11.01.2010  23:14             1.709 AddWatermarkToPDF.vbs
23.09.2010  21:39             1.638 EncryptAES128.vbs
14.01.2008  14:50             1.112 FTPUpload.vbs
14.01.2008  14:50             1.795 Logger.vbs
14.01.2008  14:50             1.966 MSAgent.vbs
14.01.2008  14:50             1.120 NetSend.vbs
14.01.2008  14:50               667 PopUpMessage.vbs
14.01.2008  14:50             1.206 SayIt.vbs
               8 Datei(en),         11.213 Bytes

 Verzeichnis von C:\Program Files\PDFCreator\Scripts\RunProgramBeforeSaving

14.01.2008  14:50               667 PopUpMessage.vbs
               1 Datei(en),            667 Bytes

 Verzeichnis von C:\Users\***\AppData\Local\Temp

08.08.2007  15:32               537 Drives.vbs
               1 Datei(en),            537 Bytes

 Verzeichnis von C:\Users\***\Desktop\autoruns

28.05.2012  13:11           608.181 autorun.inf
               1 Datei(en),        608.181 Bytes

 Verzeichnis von C:\Users\***\Downloads\grphpad

19.07.2008  20:05                45 autorun.inf
               1 Datei(en),             45 Bytes

 Verzeichnis von C:\Users\***\Eigene Dateien Gericom neu\GraphPad

19.07.2008  19:05                45 autorun.inf
               1 Datei(en),             45 Bytes

 Verzeichnis von C:\Windows\assembly\GAC_MSIL

02.11.2006  13:18    <DIR>          Microsoft.Vsa.Vb.CodeDOMProcessor
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a

30.03.2009  06:42            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\assembly\tmp\5Y6F6VBC

02.05.2011  16:52            66.936 Microsoft.Vbe.Interop.dll
               1 Datei(en),         66.936 Bytes

 Verzeichnis von C:\Windows\Microsoft.NET\Framework

27.07.2008  20:03            14.904 sbs_microsoft.vsa.vb.codedomprocessor.dll
               1 Datei(en),         14.904 Bytes

 Verzeichnis von C:\Windows\Microsoft.NET\Framework\v2.0.50727

30.03.2009  06:42            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
27.07.2008  20:03             6.144 Microsoft.Vsa.Vb.CodeDOMProcessor.tlb
               2 Datei(en),         18.944 Bytes

 Verzeichnis von C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f

18.11.2009  09:30    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6002.18005_none_44578232f2ea7160
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6002.18005_none_44578232f2ea7160

30.03.2009  06:42            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-s..ity-licensing-tools_31bf3856ad364e35_6.0.6002.18005_none_c7357f7a65060ad7

18.02.2009  20:39            92.918 slmgr.vbs
               1 Datei(en),         92.918 Bytes

 Verzeichnis von C:\Windows\System32

21.01.2008  04:24            12.198 gatherWiredInfo.vbs
21.01.2008  04:23            15.181 gatherWirelessInfo.vbs
18.02.2009  20:39            92.918 slmgr.vbs
01.08.2009  08:27           201.184 winrm.vbs
               4 Datei(en),        321.481 Bytes

 Verzeichnis von C:\Windows\System32\Printing_Admin_Scripts\de-DE

16.04.2008  13:10           106.798 prncnfg.vbs
16.04.2008  13:10            51.986 prndrvr.vbs
16.04.2008  13:10            70.586 prnjobs.vbs
16.04.2008  13:10            82.080 prnmngr.vbs
16.04.2008  13:10            57.556 prnport.vbs
16.04.2008  13:10            51.806 prnqctl.vbs
16.04.2008  13:10             7.518 pubprn.vbs
               7 Datei(en),        428.330 Bytes

 Verzeichnis von C:\Windows\winsxs

02.11.2006  13:18    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.16386_none_44a77b3af2413480
18.11.2009  06:49    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.16720_none_44a2019ef24603f4
18.11.2009  06:49    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.20883_none_2dda18430be848e7
21.01.2008  04:24    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.18000_none_447bfcf6f298dd4c
18.11.2009  06:49    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.18111_none_447ce654f2981095
18.11.2009  06:49    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.22230_none_2db156f10c3d89a8
22.11.2009  02:35    <DIR>          msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6002.18005_none_44578232f2ea7160
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Windows\winsxs\Manifests

02.11.2006  12:08             3.408 msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.16386_none_44a77b3af2413480.manifest
28.07.2008  01:18             3.408 msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.16720_none_44a2019ef24603f4.manifest
28.07.2008  01:21             3.408 msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.20883_none_2dda18430be848e7.manifest
21.01.2008  04:20             3.408 msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.18000_none_447bfcf6f298dd4c.manifest
28.07.2008  01:44             3.408 msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.18111_none_447ce654f2981095.manifest
28.07.2008  01:30             3.408 msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.22230_none_2db156f10c3d89a8.manifest
11.04.2009  01:18             3.408 msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6002.18005_none_44578232f2ea7160.manifest
02.11.2006  12:02             5.792 x86_microsoft.vsa.vb.co..mprocessor.registry_31bf3856ad364e35_6.0.6000.16386_none_fffc393644cfead5.manifest
28.07.2008  01:12             5.792 x86_microsoft.vsa.vb.co..mprocessor.registry_31bf3856ad364e35_6.0.6000.16720_none_00371e9a44a49fc1.manifest
28.07.2008  01:14             5.792 x86_microsoft.vsa.vb.co..mprocessor.registry_31bf3856ad364e35_6.0.6000.20883_none_0082dcbb5df03336.manifest
28.07.2008  01:29             5.792 x86_microsoft.vsa.vb.co..mprocessor.registry_31bf3856ad364e35_6.0.6001.18111_none_02292d7641c22e18.manifest
28.07.2008  01:20             5.792 x86_microsoft.vsa.vb.co..mprocessor.registry_31bf3856ad364e35_6.0.6001.22230_none_029c2a1f5af0ec6d.manifest
02.11.2006  12:02            16.698 x86_microsoft.vsa.vb.codedomprocessor.tlb_31bf3856ad364e35_6.0.6000.16386_none_a5942ad985bbaca6.manifest
28.07.2008  01:12            16.698 x86_microsoft.vsa.vb.codedomprocessor.tlb_31bf3856ad364e35_6.0.6000.16720_none_a5cf103d85906192.manifest
28.07.2008  01:14            16.698 x86_microsoft.vsa.vb.codedomprocessor.tlb_31bf3856ad364e35_6.0.6000.20883_none_a61ace5e9edbf507.manifest
28.07.2008  01:29            16.698 x86_microsoft.vsa.vb.codedomprocessor.tlb_31bf3856ad364e35_6.0.6001.18111_none_a7c11f1982adefe9.manifest
28.07.2008  01:20            16.698 x86_microsoft.vsa.vb.codedomprocessor.tlb_31bf3856ad364e35_6.0.6001.22230_none_a8341bc29bdcae3e.manifest
              17 Datei(en),        136.306 Bytes

 Verzeichnis von C:\Windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.16386_none_44a77b3af2413480

20.10.2006  03:14            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.16720_none_44a2019ef24603f4

27.07.2008  20:00            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.20883_none_2dda18430be848e7

27.07.2008  19:55            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.18000_none_447bfcf6f298dd4c

21.01.2008  04:24            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.18111_none_447ce654f2981095

27.07.2008  20:03            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.22230_none_2db156f10c3d89a8

27.07.2008  19:58            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6002.18005_none_44578232f2ea7160

30.03.2009  06:42            12.800 Microsoft.Vsa.Vb.CodeDOMProcessor.dll
               1 Datei(en),         12.800 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-dot3svc_31bf3856ad364e35_6.0.6001.18000_none_6b6c0ec873844bfa

21.01.2008  04:24            12.198 gatherWiredInfo.vbs
               1 Datei(en),         12.198 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-dot3svc_31bf3856ad364e35_6.0.6002.18005_none_6d5787d470a61746

21.01.2008  04:24            12.198 gatherWiredInfo.vbs
               1 Datei(en),         12.198 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.0.6001.18000_none_7e466ce97736febd

02.11.2006  14:36            98.133 adsutil.vbs
02.11.2006  14:36             4.346 clusftp.vbs
02.11.2006  14:36             4.341 clusweb.vbs
02.11.2006  14:36            41.401 IIsExt.vbs
21.01.2008  04:25            12.796 iisswtch.vbs
               5 Datei(en),        161.017 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-p..inscripts.resources_31bf3856ad364e35_6.0.6000.16386_de-de_6385c801608735e3

16.04.2008  13:10           106.798 prncnfg.vbs
16.04.2008  13:10            51.986 prndrvr.vbs
16.04.2008  13:10            70.586 prnjobs.vbs
16.04.2008  13:10            82.080 prnmngr.vbs
16.04.2008  13:10            57.556 prnport.vbs
16.04.2008  13:10            51.806 prnqctl.vbs
16.04.2008  13:10             7.518 pubprn.vbs
               7 Datei(en),        428.330 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-s..ity-licensing-tools_31bf3856ad364e35_6.0.6001.18000_none_c54a066e67e43f8b

21.01.2008  04:24            80.047 slmgr.vbs
               1 Datei(en),         80.047 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-s..ity-licensing-tools_31bf3856ad364e35_6.0.6002.18005_none_c7357f7a65060ad7

18.02.2009  20:39            92.918 slmgr.vbs
               1 Datei(en),         92.918 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6001.18000_none_ca65755fad07cc55

21.01.2008  04:24           195.122 winrm.vbs
               1 Datei(en),        195.122 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6002.18005_none_cc50ee6baa2997a1

21.01.2008  04:24           195.122 winrm.vbs
               1 Datei(en),        195.122 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_7.0.6001.18181_none_bb807475382e6b2a

01.08.2009  08:27           201.184 winrm.vbs
               1 Datei(en),        201.184 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79

01.04.2009  18:30            14.827 gatherWirelessInfo.vbs
               1 Datei(en),         14.827 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7

01.04.2009  18:30            14.827 gatherWirelessInfo.vbs
               1 Datei(en),         14.827 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18000_none_9c44425304e62138

21.01.2008  04:23            15.181 gatherWirelessInfo.vbs
               1 Datei(en),         15.181 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6

21.01.2008  04:23            15.181 gatherWirelessInfo.vbs
               1 Datei(en),         15.181 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5

21.01.2008  04:23            15.181 gatherWirelessInfo.vbs
               1 Datei(en),         15.181 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84

21.01.2008  04:23            15.181 gatherWirelessInfo.vbs
               1 Datei(en),         15.181 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3

21.01.2008  04:23            15.181 gatherWirelessInfo.vbs
               1 Datei(en),         15.181 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132

21.01.2008  04:23            15.181 gatherWirelessInfo.vbs
               1 Datei(en),         15.181 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6000.16720_none_f5ad60ba98e5129e

27.07.2008  20:00            14.904 sbs_microsoft.vsa.vb.codedomprocessor.dll
               1 Datei(en),         14.904 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6000.20883_none_f5f91edbb230a613

27.07.2008  19:55            14.904 sbs_microsoft.vsa.vb.codedomprocessor.dll
               1 Datei(en),         14.904 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6001.18000_none_f7a93d5295fb6e86

21.01.2008  04:24            14.904 sbs_microsoft.vsa.vb.codedomprocessor.dll
               1 Datei(en),         14.904 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6001.18111_none_f79f6f969602a0f5

27.07.2008  20:03            14.904 sbs_microsoft.vsa.vb.codedomprocessor.dll
               1 Datei(en),         14.904 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6001.22230_none_f8126c3faf315f4a

27.07.2008  19:58            14.904 sbs_microsoft.vsa.vb.codedomprocessor.dll
               1 Datei(en),         14.904 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-vsa_codedom_tlb_b03f5f7f11d50a3a_6.0.6000.16386_none_23cdaa8f338ceb01

20.10.2006  03:14             6.144 Microsoft.Vsa.Vb.CodeDOMProcessor.tlb
               1 Datei(en),          6.144 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-vsa_codedom_tlb_b03f5f7f11d50a3a_6.0.6000.16720_none_23c830f33391ba75

27.07.2008  20:00             6.144 Microsoft.Vsa.Vb.CodeDOMProcessor.tlb
               1 Datei(en),          6.144 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-vsa_codedom_tlb_b03f5f7f11d50a3a_6.0.6000.20883_none_0d0047974d33ff68

27.07.2008  19:55             6.144 Microsoft.Vsa.Vb.CodeDOMProcessor.tlb
               1 Datei(en),          6.144 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-vsa_codedom_tlb_b03f5f7f11d50a3a_6.0.6001.18111_none_23a315a933e3c716

27.07.2008  20:03             6.144 Microsoft.Vsa.Vb.CodeDOMProcessor.tlb
               1 Datei(en),          6.144 Bytes

 Verzeichnis von C:\Windows\winsxs\x86_netfx-vsa_codedom_tlb_b03f5f7f11d50a3a_6.0.6001.22230_none_0cd786454d894029

27.07.2008  19:58             6.144 Microsoft.Vsa.Vb.CodeDOMProcessor.tlb
               1 Datei(en),          6.144 Bytes

     Anzahl der angezeigten Dateien:
             178 Datei(en),      5.508.322 Bytes
               9 Verzeichnis(se), 146.537.705.472 Bytes frei
 Datentr„ger in Laufwerk C: ist VistaOS
 Volumeseriennummer: 6E09-E1D4

 Verzeichnis von C:\ProgramData\Microsoft Help

02.05.2011  17:48               338 MS.VBE.DEV.12.1031.hxn
18.11.2009  07:48               338 MS.VBE.DEV.12.1036.hxn
18.11.2009  07:49               338 MS.VBE.DEV.12.1040.hxn
18.11.2009  07:48               338 MS.VBE.DEV.12.1043.hxn
               4 Datei(en),          1.352 Bytes

 Verzeichnis von C:\Users\All Users\Microsoft Help

02.05.2011  17:48               338 MS.VBE.DEV.12.1031.hxn
18.11.2009  07:48               338 MS.VBE.DEV.12.1036.hxn
18.11.2009  07:49               338 MS.VBE.DEV.12.1040.hxn
18.11.2009  07:48               338 MS.VBE.DEV.12.1043.hxn
               4 Datei(en),          1.352 Bytes

     Anzahl der angezeigten Dateien:
               8 Datei(en),          2.704 Bytes
               0 Verzeichnis(se), 146.539.778.048 Bytes frei
A            C:\app3.LOG
A  SHR       C:\bootmgr
A  S R       C:\BOOTSECT.BAK
A            C:\CA21.txt
A            C:\config.sys
A            C:\debug1214.txt
A            C:\devlist.txt
A            C:\Driver.10
A   HR       C:\F50SLAS.BIN
A            C:\Finish.log
A            C:\GPEapSim.log
A  SH   I    C:\hiberfil.sys
A            C:\HPDIU.log
A            C:\igoogle_log.txt
A       I    C:\inject.log
A            C:\inject.log.txt
A  SHR       C:\IO.SYS
A  SHR       C:\MSDOS.SYS
A            C:\NERO.LOG
A            C:\NetworkCfg.xml
A            C:\NIS2009.TXT
A            C:\OFFICE2007_A.TXT
A  SH        C:\pagefile.sys
A            C:\Pass.txt
A            C:\Patch.LOG
A            C:\READER_A.TXT
A            C:\RECOVERY.DAT
A            C:\RHDSetup.log
A            C:\store.log
A            C:\SumHidd.txt
A            C:\SumOS.txt
A            C:\V554.txt
A            C:\WindowsLive_A.TXT
 Datentr„ger in Laufwerk D: ist DATA
 Volumeseriennummer: BA5B-5235

 Verzeichnis von D:\091103\GraphPad

19.07.2008  19:05                45 autorun.inf
               1 Datei(en),             45 Bytes

     Anzahl der angezeigten Dateien:
               1 Datei(en),             45 Bytes
               0 Verzeichnis(se), 128.349.937.664 Bytes frei
 Datentr„ger in Laufwerk D: ist DATA
 Volumeseriennummer: BA5B-5235
A            D:\FirexFoxXPCOMLogging.txt
A            D:\Henriques et al 2006 C albicans and dubliniensis biofilm formation.pdf
 Datentr„ger in Laufwerk E: ist MY_DATA_021807
 Volumeseriennummer: 43CC-2F17
 Datentr„ger in Laufwerk E: ist MY_DATA_021807
 Volumeseriennummer: 43CC-2F17

 Verzeichnis von E:\o10prplcd01 (D)

27.02.2001  20:09               193 AUTORUN.INF
               1 Datei(en),            193 Bytes

 Verzeichnis von E:\o10prplcd01 (D)\ORK

02.03.2001  19:21               184 AUTORUN.INF
               1 Datei(en),            184 Bytes

     Anzahl der angezeigten Dateien:
               2 Datei(en),            377 Bytes
               0 Verzeichnis(se),              0 Bytes frei
Datei E:\*.* nicht gefunden 
 Datentr„ger in Laufwerk F: ist Volume
 Volumeseriennummer: BA89-8B58

 Verzeichnis von F:\

19.01.2012  10:47                76 autorun.inf
               1 Datei(en),             76 Bytes

     Anzahl der angezeigten Dateien:
               1 Datei(en),             76 Bytes
               0 Verzeichnis(se), 488.611.532.800 Bytes frei
 Datentr„ger in Laufwerk F: ist Volume
 Volumeseriennummer: BA89-8B58
A            F:\AutoOff.exe
A            F:\autorun.inf
A            F:\Menu.exe
A            F:\Start.txt
 Datentr„ger in Laufwerk G: ist KINGSTON
 Volumeseriennummer: E0FD-1813
 Datentr„ger in Laufwerk G: ist KINGSTON
 Volumeseriennummer: E0FD-1813
A            G:\license.txt
A            G:\radixgui.exe
A            G:\radix.sig
A            G:\Wissenschaftlicher Bibliothekar2.ppt
A            G:\Ad-Aware905Install.msi
A            G:\SUPERAntiSpyware.exe
A            G:\SDTHLPR.sys
A            G:\winvista.mbr
A            G:\win2kxp.mbr
A            G:\win7.mbr
A            G:\dbghelp.dll
A            G:\DisasmEngineDLL.dll
A            G:\symsrv.dll
A            G:\symsrv.yes
A            G:\log.txt
A            G:\selbstkontrolle 310511uam.ppt
A            G:\HHPC-6.csv
A            G:\Maánahmen Auditbericht Aesica (DIPS).doc
A            G:\Aufgaben.doc
A            G:\Antwort Auditbericht Chef.doc
A            G:\HHPC-13.CSV
A            G:\Partikelzahlen.xls
A            G:\Partikelmonitoring Plan.ppt
A            G:\Netropsin-Reagent.doc
A            G:\Partikelzahlen Gang.doc
A   H        G:\._080620 MZ Proth.114.JPG
A            G:\Partikelzahlen LKS.doc
A            G:\Partikelzahlen N„hrbodenk�che.doc
A   H        G:\._147-168.doc
A            G:\Partikelzahlen Laborleitung.doc
A            G:\Partikelzahlen LKS global.doc
A            G:\110928 Antwort Auditbericht Chef.doc
A            G:\Hygienemonitoring[4F].doc
A            G:\Hygienemonitoring[5F].doc
A            G:\LebenslaufFreiberg5.doc
A   H        G:\._100620 MZ44 EFb stats
A            G:\111004 DIP-Auditbericht Antwort.doc
A            G:\111004 DIP-Auditbericht Antwort2.doc
A            G:\TUFreiberg.5.doc
A            G:\bewerbung michling.pdf
A            G:\Poster Piosaxony Politics2.ppt
 Volume in Laufwerk H: hat keine Bezeichnung.
 Volumeseriennummer: 7F8D-1215
 Volume in Laufwerk H: hat keine Bezeichnung.
 Volumeseriennummer: 7F8D-1215
Datei H:\*.* nicht gefunden

Liebe Grüße

[kira]

Ich habe bei der Entfernung der autorun.inf Dateien Schwierigkeiten gehabt: Flasdisinfector lief nicht- kann es sein, dass
das unter Vista nicht läuft? auch tweakui lief nicht.

nein, unter Vista und Win7 nicht!

autorun.inf

kannst ja löschen

3. eset: Dieses log-file wurde ca. 2 h erstellt, bevor der scanner fertig war. Da scheint also irgendwas nicht zu stimmen, oder?
In der Quarantäne waren aber ca. 8 Dateien verschoben.

nein, das ist kein Protokoll!


Hier die Ergebnisse der scans:

otl fix:

Code:

:OTL


:Files
C:\Users\***\AppData\Roaming\BullGuard
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]

das ist kein Fix-Log!
nachsehen:

:\_OTL\Moved Files

[siddharta01]

oh, da habe ich wohl die falsche Datei erwischt.

Hier das otl-fix log:

Code:

All processes killed
========== OTL ==========
========== FILES ==========
C:\Users\***\AppData\Roaming\BullGuard\AppDumps folder moved successfully.
C:\Users\***\AppData\Roaming\BullGuard folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 496223 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 51066256 bytes
->Flash cache emptied: 693 bytes
 
User: *** Standard
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 214080 bytes
RecycleBin emptied: 58770 bytes
 
Total Files Cleaned = 49,00 mb
 
 
OTL by OldTimer - Version 3.2.43.1 log created on 05272012_143019

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

vom eset scanner habe ich leider keine Daten mehr gefunden. Soll ich das nochmal machen oder einen anderen Scanner nehmen?

Liebe Grüße

[kira]

TweakUI und Flash Disinfector schon deinstalliert/entfernt?

Punkt 7 (ESET Online Scanner) bitte ja wiederholen

[siddharta01]

hallo,

es kann wieder weiter gehen.

Hier also der eset-scan:

Code:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c573ebb10e58ef468c4451ba64e29763
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-08 11:55:01
# local_time=2012-06-08 01:55:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 4793 114045720 0 0
# compatibility_mode=5892 16776574 100 100 7836200 176685484 0 0
# compatibility_mode=8192 67108863 100 0 255 255 0 0
# scanned=94091
# found=0
# cleaned=0
# scan_time=3744
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c573ebb10e58ef468c4451ba64e29763
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-08 03:19:51
# local_time=2012-06-08 05:19:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 603 114052836 4690 0
# compatibility_mode=5892 16776574 100 100 7843316 176692600 0 0
# compatibility_mode=8192 67108863 100 0 7371 7371 0 0
# scanned=298921
# found=0
# cleaned=0
# scan_time=8919

[kira]

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?