Taskmanager lässt sich nicht öffnen!!!

[Schumacher76]

Wenn ich Strg + Alt + Entf drücke öffnet sich zwar das Menü von Windows, allerdings öffnet sich nach dem Klick auf dem Taskmanager dieser nicht! Es öffnet sich kurz ein Fenster, was aber sofort wieder verschwindet! Ich weiß auch nicht ob es sich um einen Virus handelt! Bitte um Hilfe!

[kira]

Herzlich Willkommen hier bei uns am HijackThis Supportboard!

**Bevor du mit Teil 1. der Aufgabe beginnst: HIER KLICKEN UND SORGFÄLTIG DURCHLESEN!** und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!
Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird hier nicht geduldet, in diesem Fall wird der Support eingestellt.!

ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!

Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten! Ansonsten verlangsamt unsere Arbeit, wenn wir immer wieder noch an Kleinigkeiten nachschlagen müssen und dadurch eventuell die Übersicht verloren geht...


► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
**Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

1.
Das Program installieren und ausführen:
Anleitung:-> Bereinigung mit Malwarebytes' Anti-Malware (Vollständiger Suchlauf)

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Mache Häkchen bei LOP- und Purity-Prüfung
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt OTL.txt und extra.txt
• Poste die Logfiles in Code-Tags hier in den Thread.

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:

• Download den CCleaner
  
• Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
• starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
• ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Bitte alle Ergebnisse im Code-Tags posten!

vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein
dahinter - also am Ende der Logdatei:[/code]
Wie es geht:-> Logfiles in Code-Tags setzen

gruß
kira

[Schumacher76]

Hallo Kira,

danke für deine Antwort! Bevor ich das alles mache, vielleicht ist es doch gar kein Virus Problem! Vielleicht hat sich einfach nur was verstellt!

[Schumacher76]

Zu 1.

Code:

 Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.30.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Naci :: AGUY-PC [Administrator]

30.07.2012 19:24:21
mbam-log-2012-07-30 (19-24-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 339557
Laufzeit: 49 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

[Schumacher76]

Zu 1.

Code:

 OTL logfile created on: 30.07.2012 20:38:44 - Run 2
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Naci\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,54% Memory free
5,99 Gb Paging File | 4,51 Gb Available in Paging File | 75,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 53,82 Gb Free Space | 55,16% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 765,76 Gb Free Space | 91,83% Space Free | Partition Type: NTFS
Drive E: | 696,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: AGUY-PC | User Name: Naci | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Naci\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Naci\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Programme\RemoteKeySrv\RemoteKeySrv.exe (Wistron Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (RemoteKeySrv) -- C:\Programme\RemoteKeySrv\RemoteKeySrv.exe (Wistron Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (hwpsgt) -- C:\Windows\System32\drivers\hwpsgt.sys ()
DRV - (lemsgt) -- C:\Windows\System32\drivers\lemsgt.sys ()
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (NxpCap) -- C:\Windows\System32\drivers\NxpCap.sys (NXP Semiconductors Germany GmbH)
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (hidkmdf) -- C:\Windows\System32\drivers\hidkmdf.sys (Windows (R) Win 7 DDK provider)
DRV - (NW1950) -- C:\Windows\System32\drivers\NW1950.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (genport) -- C:\Programme\RemoteKeySrv\GENPORT.sys (Wistron)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 A1 EC 22 32 A8 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.28 19:25:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.22 10:53:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.28 19:25:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.22 10:53:12 | 000,000,000 | ---D | M]
 
[2010.12.30 17:25:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Naci\AppData\Roaming\mozilla\Extensions
[2012.07.30 19:03:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Naci\AppData\Roaming\mozilla\Firefox\Profiles\y5fqs1ia.default\extensions
[2012.07.22 10:53:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.22 10:53:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.07.28 19:25:25 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.22 16:01:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.22 16:01:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.22 16:01:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.22 16:01:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.22 16:01:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.22 16:01:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Naci\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Spotify] "C:\Users\Naci\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Naci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Naci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RemoteKeySrv.lnk = C:\Programme\RemoteKeySrv\RemoteKeySrv.exe (Wistron Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Naci\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C561652-E7FB-4DCA-BC8D-7260E2673116}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DDFFE6B-ECEF-4BB5-8EFE-D18EB0FE02B0}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{89c9c78d-61fc-11e1-9534-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{89c9c78d-61fc-11e1-9534-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{f572d32e-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d32e-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f572d332-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d332-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f572d371-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d371-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f572d374-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d374-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.30 19:22:23 | 000,000,000 | ---D | C] -- C:\Users\Naci\AppData\Roaming\Malwarebytes
[2012.07.30 19:21:58 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.30 19:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.30 19:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.30 19:07:47 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Naci\Desktop\OTL.exe
[2012.07.22 14:21:19 | 000,000,000 | ---D | C] -- C:\Users\Naci\Desktop\Istanbul 2012
[2012.07.22 10:53:12 | 000,476,976 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012.07.14 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Naci\AppData\Local\Macromedia
[2012.07.14 12:01:29 | 000,000,000 | ---D | C] -- C:\Users\Naci\Desktop\Musik-Videos
[2012.07.11 22:56:59 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 08:12:33 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.11 08:12:31 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012.07.11 08:12:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012.07.07 15:21:39 | 000,000,000 | ---D | C] -- C:\Users\Naci\AppData\Local\{56009EB3-8CB8-4FA8-BF1D-7C032452D605}
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.30 19:21:59 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.30 19:07:54 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Naci\Desktop\OTL.exe
[2012.07.30 18:37:03 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 18:37:03 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 18:34:15 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.30 18:34:15 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.30 18:34:15 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.30 18:34:15 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.30 18:29:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.30 18:29:30 | 2414,432,256 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 10:53:06 | 000,476,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012.07.22 10:53:06 | 000,472,880 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.07.22 10:53:06 | 000,157,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.07.22 10:53:06 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.07.22 10:53:06 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.07.14 11:55:06 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.14 11:55:06 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.12 09:16:53 | 000,366,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.07.30 19:21:59 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.12 17:10:15 | 000,001,082 | ---- | C] () -- C:\Users\Naci\OpenOffice.org 3.3.lnk
[2012.04.12 16:11:45 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012.04.12 16:11:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2012.02.07 20:33:58 | 000,016,384 | ---- | C] () -- C:\Users\Naci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.21 17:43:12 | 000,137,344 | ---- | C] () -- C:\Windows\System32\drivers\hwpsgt.sys
[2011.11.21 17:42:53 | 000,009,472 | ---- | C] () -- C:\Windows\System32\drivers\lemsgt.sys
[2011.11.21 17:42:47 | 000,001,198 | ---- | C] () -- C:\Users\Naci\Vermeer 2.lnk
[2011.10.20 10:24:25 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.08.23 14:08:05 | 000,003,446 | ---- | C] () -- C:\Users\Naci\AppData\Roaming\wklnhst.dat
[2011.05.21 09:51:48 | 000,341,504 | ---- | C] () -- C:\Windows\System32\msdrm.dll
[2011.05.21 09:51:10 | 000,227,328 | ---- | C] () -- C:\Windows\System32\taskmgr.exe
[2011.05.21 09:51:09 | 001,188,864 | ---- | C] () -- C:\Windows\System32\DiagCpl.dll
[2011.05.21 09:50:49 | 000,270,336 | ---- | C] () -- C:\Windows\System32\sethc.exe
[2011.05.21 09:50:17 | 001,164,800 | ---- | C] () -- C:\Windows\System32\UIRibbonRes.dll
[2011.04.29 22:31:53 | 000,000,618 | ---- | C] () -- C:\Windows\eReg.dat
[2010.12.30 16:08:46 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010.12.30 15:53:31 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010.12.30 15:53:31 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.12.30 15:52:45 | 000,007,648 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2010.12.30 15:52:45 | 000,000,480 | ---- | C] () -- C:\Windows\11317231_001416BE_ca.bin
[2010.12.30 15:52:45 | 000,000,480 | ---- | C] () -- C:\Windows\11317231_001316BE_ca.bin
[2010.12.30 15:52:45 | 000,000,480 | ---- | C] () -- C:\Windows\11317231_001216BE_ca.bin
[2010.12.30 15:43:41 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.12.30 15:40:51 | 000,013,224 | R--- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
 
========== LOP Check ==========
 
[2012.06.17 01:07:26 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Aeria Games & Entertainment
[2011.01.13 15:34:16 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Amazon
[2011.11.21 17:44:52 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Ascaron Entertainment
[2012.06.24 13:44:44 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Canon
[2011.12.28 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\DVDVideoSoft
[2011.12.28 14:26:52 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.12 16:11:44 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\FreePDF
[2012.04.12 17:12:35 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\OpenOffice.org
[2011.03.25 00:06:34 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\PowerCinema
[2011.08.19 23:19:07 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\TeamViewer
[2011.08.28 13:54:58 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Template
[2011.08.06 21:08:15 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Windows Live Writer
[2012.06.12 19:53:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

[Schumacher76]

Code:

 OTL Extras logfile created on: 30.07.2012 20:38:44 - Run 2
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Naci\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,54% Memory free
5,99 Gb Paging File | 4,51 Gb Available in Paging File | 75,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 53,82 Gb Free Space | 55,16% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 765,76 Gb Free Space | 91,83% Space Free | Partition Type: NTFS
Drive E: | 696,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: AGUY-PC | User Name: Naci | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D2DA3F-7E2B-42FE-AA20-08BD53B99F5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3BE35D12-3DB6-4D04-941E-D330E90FEE19}" = rport=445 | protocol=6 | dir=out | app=system | 
"{4530F754-894F-45C1-9F05-C97BCC69B00D}" = rport=139 | protocol=6 | dir=out | app=system | 
"{55C306E9-0F6F-44BA-8B58-D4D123D1D1D8}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6985B4E4-1E76-4CC7-8099-270331111DCE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{71CAE252-4583-4744-9EC7-397E30C0518E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{71DD90B2-BB0D-4045-A380-4012A8A17CFD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{863B40CF-3841-419C-A9EB-A341A3DDE766}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{944ADA5C-8E7D-49B2-AECB-3DE2AF8B3837}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{95B6679D-0996-411F-A4D0-A8D0D280B9C2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9BEB9909-88A8-40DE-B553-ED2F7B4A42CE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A57B43A7-DFF6-4EE4-B0BF-8C55A77E148A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{C7C810B9-E577-4954-942C-21653870FB40}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D02845B1-8AE1-4385-96BA-B71387AFD482}" = lport=139 | protocol=6 | dir=in | app=system | 
"{DB926BF8-1449-4852-9C40-A0CEF671EF8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F51D70C4-01FC-4091-8D73-69A0A30157C3}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D8806B-6101-4F86-978A-C205F0D08BBA}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe | 
"{0F4D27E0-B162-474A-941A-B562BEAB4A90}" = dir=in | app=c:\program files\cyberlink\powercinema movie\powercinemamovie.exe | 
"{1B477B0B-5ED6-4123-92CB-D5A852A9074B}" = dir=in | app=c:\program files\cyberlink\youmemo\kernel\dmp\clbrowserengine.exe | 
"{22D017A1-E7DE-45EE-8ED1-6F70F3CB6AF8}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{276DA712-992A-468D-B0AF-FE42AD0D3893}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{2C705FD3-C008-4BB8-B8F2-A67E38D439EB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{37C33CE5-A3AA-4371-B1B1-48E7AE348766}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{3ADDDA64-7587-4848-BC9C-CDBF9C265BCC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3C06FB00-CCFC-46A7-B82F-8D2076ABA02F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4E84AFCA-1155-4739-85F4-CCA6F511E1C7}" = dir=in | app=c:\program files\cyberlink\youmemo\kernel\dms\clmsservice.exe | 
"{53A21F9B-2FF9-4DC1-9DA9-7198BF9A97D0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{53BED78B-EA14-45A9-9F51-3142025A57D3}" = protocol=17 | dir=in | app=c:\users\naci\downloads\facemoods.exe | 
"{6D80C1A5-DBA5-4D5D-B6B5-327B1F637F70}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe | 
"{85C73DDC-0328-478D-9803-87C5DBEF94B8}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{8E23F225-C4DF-4045-ACD9-59D7C96B1C4B}" = protocol=6 | dir=in | app=c:\users\naci\downloads\facemoods.exe | 
"{98DCD0CE-7409-4809-83C0-C602234436DD}" = dir=in | app=c:\program files\cyberlink\youmemo\youmemo.exe | 
"{996D6D88-051A-4D25-A2D8-F9CE7B021F8A}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{A365AB8C-B909-4F54-BA01-4312B76B8894}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{AC53BA9E-2F86-43CD-9257-358C5E3E7E29}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{BBC3DAEA-A717-4A8C-AA25-BBE01B3384A1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E34B3553-21B8-481F-A08F-5031FBA6C550}" = dir=in | app=c:\program files\cyberlink\youmemo\pcmservice.exe | 
"{E50CEC16-7C2C-4A04-8441-EF382F5F25B9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E82BD61F-DAFB-48A3-9EC6-0E551240F98D}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe | 
"{ED1BBB99-56D1-4015-970E-27F1253D909B}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe | 
"{EF91891C-DA08-4CAC-8637-47BF6EEF6EC1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{225241F9-192F-4D4A-A079-57FAF99CCBEF}C:\users\naci\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\naci\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{41AA52E2-21DA-409A-8B19-C36A44B614F2}C:\users\naci\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\naci\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{4ED701D3-DBAE-459F-A998-9D4A5F1F7702}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"TCP Query User{716F2705-C533-48BA-BDAE-61040DC86D12}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"TCP Query User{71A00AA9-4A4D-4FFF-81A6-FC52EE3BF753}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe" = protocol=6 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe | 
"TCP Query User{7B929ACC-F48E-4C98-AACE-7E2740C4CAB6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{8C80AEA5-287E-451E-B0B6-E91E6680DD4D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{A5CC93A5-1F5E-4C72-9E52-52149563C2EE}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{CD1C2989-BFB9-4ACF-BEE0-B45554495D22}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | 
"TCP Query User{E9913D2C-FCA1-4A47-8911-54604DAEF3E2}C:\program files\ea games\command and conquer generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"TCP Query User{F3640B11-7301-4432-AF94-C7C93CDE0882}C:\program files\ea games\command and conquer generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"UDP Query User{15FAC4D5-29DD-46AC-A67D-038015F4F5CF}C:\program files\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"UDP Query User{55C93221-B217-40F6-BC24-88E90A4034EF}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"UDP Query User{5BDDE5CF-42D2-484C-9F65-07637F5BF29A}C:\users\naci\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\naci\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{5DE21ACA-E18A-4BA4-A8E5-E7D69497509B}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | 
"UDP Query User{984727D1-F893-442F-8F6D-AAAF1CA53163}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{9FC4FCB8-3554-4596-AE13-4508EFBED066}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{A5BC4EA9-B96B-4B3C-9BBC-02188BE70D10}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{AB859050-F9D1-4363-9770-C11304A64D63}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"UDP Query User{C6B0DBA7-4066-46FE-BF4F-8637AA5C1E01}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe" = protocol=17 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe | 
"UDP Query User{E808D571-2DDB-4D91-8150-1A6F2C55CB01}C:\program files\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"UDP Query User{FB308E21-ACD1-4A8E-9F32-03188BF50156}C:\users\naci\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\naci\appdata\local\akamai\netsession_win.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Medion Touch Center
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CD4C30E-BD82-4592-B64A-8AD9784ECA9F}" = BMWi-Softwarepaket 10
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5176C4D8-E6C1-422A-8D6F-E13EB996DCEA}" = CyberLink YouMemo
"{525BA381-389C-4975-BDD3-C36DCF66D5BD}" = BMWi Updater
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70CC0095-AA68-45BE-AE98-D8170182E9EB}" = PowerCinema Movie
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714F1BA5-F95E-4821-AA70-D30BBE04A5FF}" = NextWindow Drivers
"{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79846AA4-622E-5B48-18B2-02F53F423DFE}" = BMWi-Businessplaner Fuehren
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{94F15234-1602-49AA-9D8C-4E0655173725}" = Aeria Ignite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E24242E3-A4FF-FC3C-05F2-C83A9C821971}" = BMWi-Businessplaner Gruenden
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.7.1238" = Aeria Ignite
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira Free Antivirus
"BMWi Updater" = BMWi Updater
"BMWiBusinessplanerFuehren" = BMWi-Businessplaner Fuehren
"BMWiBusinessplanerGruenden" = BMWi-Businessplaner Gruenden
"BMWi-Softwarepaket 10" = BMWi-Softwarepaket 10
"Canon MP560 series Benutzerregistrierung" = Canon MP560 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"Free YouTube Download_is1" = Free YouTube Download version 3.0.19.1206
"FreePDF_XP" = FreePDF (Remove only)
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Medion Touch Center
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5176C4D8-E6C1-422A-8D6F-E13EB996DCEA}" = CyberLink YouMemo
"InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NAVIGON Fresh" = NAVIGON Fresh 3.3.2
"NVIDIA Drivers" = NVIDIA Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Vermeer 2_is1" = Vermeer 2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"WolfTeam-DE" = WolfTeam-DE
"X10Hardware" = X10 Hardware(TM)
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{699D0EFA-5AC2-4DAB-846E-E4EFDA00ACAC}" = RemoteKeySrv
"Akamai" = Akamai NetSession Interface
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.04.2012 03:33:37 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 25.04.2012 03:33:53 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
 ist ungültig.
 
Error - 26.04.2012 10:26:39 | Computer Name = Aguy-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(dc:2b:61:8e:3e:93@fe80::de2b:61ff:fe8e:3e93._apple-mobdev._tcp.local.)
 active for over two minutes. This places considerable burden on the network.
 
Error - 27.04.2012 03:06:16 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171_Vista\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 27.04.2012 03:07:11 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 27.04.2012 03:07:27 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
 ist ungültig.
 
Error - 30.04.2012 07:55:47 | Computer Name = Aguy-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 30.04.2012 08:59:24 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171_Vista\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.04.2012 09:00:11 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.04.2012 09:00:26 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
 ist ungültig.
 
[ Media Center Events ]
Error - 12.02.2011 12:29:49 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 17:29:48 - Fehler beim Herstellen der Internetverbindung.  17:29:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.08.2011 02:35:33 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 08:35:31 - Fehler beim Herstellen der Internetverbindung.  08:35:31 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.08.2011 03:36:07 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 09:36:07 - Fehler beim Herstellen der Internetverbindung.  09:36:07 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.08.2011 04:36:41 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 10:36:41 - Fehler beim Herstellen der Internetverbindung.  10:36:41 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.09.2011 06:11:21 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 12:11:21 - Fehler beim Herstellen der Internetverbindung.  12:11:21 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.09.2011 06:11:30 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 12:11:26 - Fehler beim Herstellen der Internetverbindung.  12:11:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.11.2011 06:51:22 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 11:51:22 - Fehler beim Herstellen der Internetverbindung.  11:51:22 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.11.2011 06:51:56 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 11:51:51 - Fehler beim Herstellen der Internetverbindung.  11:51:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.11.2011 12:03:54 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 17:03:53 - Fehler beim Herstellen der Internetverbindung.  17:03:54 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.11.2011 12:04:27 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 17:04:23 - Fehler beim Herstellen der Internetverbindung.  17:04:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 03.06.2012 04:48:46 | Computer Name = Aguy-PC | Source = NetBT | ID = 4321
Description = Der Name "AGUY-PC        :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.101  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 03.06.2012 11:18:11 | Computer Name = Aguy-PC | Source = NetBT | ID = 4321
Description = Der Name "AGUY-PC        :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.101  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 08.06.2012 09:22:53 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 09.06.2012 08:43:07 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 11.06.2012 13:44:58 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 19.06.2012 09:57:21 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.07.2012 11:42:34 | Computer Name = Aguy-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 21.07.2012 14:48:04 | Computer Name = Aguy-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?07.?2012 um 20:43:19 unerwartet heruntergefahren.
 
Error - 22.07.2012 04:31:37 | Computer Name = Aguy-PC | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.
 
Error - 28.07.2012 06:19:05 | Computer Name = Aguy-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?07.?2012 um 12:09:26 unerwartet heruntergefahren.
 
 
< End of report >

[Schumacher76]

Code:

 OTL Extras logfile created on: 30.07.2012 20:38:44 - Run 2
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Naci\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,54% Memory free
5,99 Gb Paging File | 4,51 Gb Available in Paging File | 75,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 53,82 Gb Free Space | 55,16% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 765,76 Gb Free Space | 91,83% Space Free | Partition Type: NTFS
Drive E: | 696,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: AGUY-PC | User Name: Naci | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D2DA3F-7E2B-42FE-AA20-08BD53B99F5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3BE35D12-3DB6-4D04-941E-D330E90FEE19}" = rport=445 | protocol=6 | dir=out | app=system | 
"{4530F754-894F-45C1-9F05-C97BCC69B00D}" = rport=139 | protocol=6 | dir=out | app=system | 
"{55C306E9-0F6F-44BA-8B58-D4D123D1D1D8}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6985B4E4-1E76-4CC7-8099-270331111DCE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{71CAE252-4583-4744-9EC7-397E30C0518E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{71DD90B2-BB0D-4045-A380-4012A8A17CFD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{863B40CF-3841-419C-A9EB-A341A3DDE766}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{944ADA5C-8E7D-49B2-AECB-3DE2AF8B3837}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{95B6679D-0996-411F-A4D0-A8D0D280B9C2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9BEB9909-88A8-40DE-B553-ED2F7B4A42CE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A57B43A7-DFF6-4EE4-B0BF-8C55A77E148A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{C7C810B9-E577-4954-942C-21653870FB40}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D02845B1-8AE1-4385-96BA-B71387AFD482}" = lport=139 | protocol=6 | dir=in | app=system | 
"{DB926BF8-1449-4852-9C40-A0CEF671EF8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F51D70C4-01FC-4091-8D73-69A0A30157C3}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D8806B-6101-4F86-978A-C205F0D08BBA}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe | 
"{0F4D27E0-B162-474A-941A-B562BEAB4A90}" = dir=in | app=c:\program files\cyberlink\powercinema movie\powercinemamovie.exe | 
"{1B477B0B-5ED6-4123-92CB-D5A852A9074B}" = dir=in | app=c:\program files\cyberlink\youmemo\kernel\dmp\clbrowserengine.exe | 
"{22D017A1-E7DE-45EE-8ED1-6F70F3CB6AF8}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{276DA712-992A-468D-B0AF-FE42AD0D3893}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{2C705FD3-C008-4BB8-B8F2-A67E38D439EB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{37C33CE5-A3AA-4371-B1B1-48E7AE348766}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{3ADDDA64-7587-4848-BC9C-CDBF9C265BCC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3C06FB00-CCFC-46A7-B82F-8D2076ABA02F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4E84AFCA-1155-4739-85F4-CCA6F511E1C7}" = dir=in | app=c:\program files\cyberlink\youmemo\kernel\dms\clmsservice.exe | 
"{53A21F9B-2FF9-4DC1-9DA9-7198BF9A97D0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{53BED78B-EA14-45A9-9F51-3142025A57D3}" = protocol=17 | dir=in | app=c:\users\naci\downloads\facemoods.exe | 
"{6D80C1A5-DBA5-4D5D-B6B5-327B1F637F70}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe | 
"{85C73DDC-0328-478D-9803-87C5DBEF94B8}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{8E23F225-C4DF-4045-ACD9-59D7C96B1C4B}" = protocol=6 | dir=in | app=c:\users\naci\downloads\facemoods.exe | 
"{98DCD0CE-7409-4809-83C0-C602234436DD}" = dir=in | app=c:\program files\cyberlink\youmemo\youmemo.exe | 
"{996D6D88-051A-4D25-A2D8-F9CE7B021F8A}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{A365AB8C-B909-4F54-BA01-4312B76B8894}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{AC53BA9E-2F86-43CD-9257-358C5E3E7E29}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{BBC3DAEA-A717-4A8C-AA25-BBE01B3384A1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E34B3553-21B8-481F-A08F-5031FBA6C550}" = dir=in | app=c:\program files\cyberlink\youmemo\pcmservice.exe | 
"{E50CEC16-7C2C-4A04-8441-EF382F5F25B9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E82BD61F-DAFB-48A3-9EC6-0E551240F98D}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe | 
"{ED1BBB99-56D1-4015-970E-27F1253D909B}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe | 
"{EF91891C-DA08-4CAC-8637-47BF6EEF6EC1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{225241F9-192F-4D4A-A079-57FAF99CCBEF}C:\users\naci\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\naci\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{41AA52E2-21DA-409A-8B19-C36A44B614F2}C:\users\naci\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\naci\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{4ED701D3-DBAE-459F-A998-9D4A5F1F7702}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"TCP Query User{716F2705-C533-48BA-BDAE-61040DC86D12}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"TCP Query User{71A00AA9-4A4D-4FFF-81A6-FC52EE3BF753}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe" = protocol=6 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe | 
"TCP Query User{7B929ACC-F48E-4C98-AACE-7E2740C4CAB6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{8C80AEA5-287E-451E-B0B6-E91E6680DD4D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{A5CC93A5-1F5E-4C72-9E52-52149563C2EE}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{CD1C2989-BFB9-4ACF-BEE0-B45554495D22}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | 
"TCP Query User{E9913D2C-FCA1-4A47-8911-54604DAEF3E2}C:\program files\ea games\command and conquer generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"TCP Query User{F3640B11-7301-4432-AF94-C7C93CDE0882}C:\program files\ea games\command and conquer generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"UDP Query User{15FAC4D5-29DD-46AC-A67D-038015F4F5CF}C:\program files\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"UDP Query User{55C93221-B217-40F6-BC24-88E90A4034EF}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"UDP Query User{5BDDE5CF-42D2-484C-9F65-07637F5BF29A}C:\users\naci\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\naci\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{5DE21ACA-E18A-4BA4-A8E5-E7D69497509B}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | 
"UDP Query User{984727D1-F893-442F-8F6D-AAAF1CA53163}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{9FC4FCB8-3554-4596-AE13-4508EFBED066}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{A5BC4EA9-B96B-4B3C-9BBC-02188BE70D10}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{AB859050-F9D1-4363-9770-C11304A64D63}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals\game.dat | 
"UDP Query User{C6B0DBA7-4066-46FE-BF4F-8637AA5C1E01}C:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe" = protocol=17 | dir=in | app=c:\program files\ea games\command & conquer die ersten 10 jahre\command & conquer(tm) generals zero hour\generals.exe | 
"UDP Query User{E808D571-2DDB-4D91-8150-1A6F2C55CB01}C:\program files\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat | 
"UDP Query User{FB308E21-ACD1-4A8E-9F32-03188BF50156}C:\users\naci\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\naci\appdata\local\akamai\netsession_win.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Medion Touch Center
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CD4C30E-BD82-4592-B64A-8AD9784ECA9F}" = BMWi-Softwarepaket 10
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5176C4D8-E6C1-422A-8D6F-E13EB996DCEA}" = CyberLink YouMemo
"{525BA381-389C-4975-BDD3-C36DCF66D5BD}" = BMWi Updater
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70CC0095-AA68-45BE-AE98-D8170182E9EB}" = PowerCinema Movie
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714F1BA5-F95E-4821-AA70-D30BBE04A5FF}" = NextWindow Drivers
"{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79846AA4-622E-5B48-18B2-02F53F423DFE}" = BMWi-Businessplaner Fuehren
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{94F15234-1602-49AA-9D8C-4E0655173725}" = Aeria Ignite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E24242E3-A4FF-FC3C-05F2-C83A9C821971}" = BMWi-Businessplaner Gruenden
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.7.1238" = Aeria Ignite
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira Free Antivirus
"BMWi Updater" = BMWi Updater
"BMWiBusinessplanerFuehren" = BMWi-Businessplaner Fuehren
"BMWiBusinessplanerGruenden" = BMWi-Businessplaner Gruenden
"BMWi-Softwarepaket 10" = BMWi-Softwarepaket 10
"Canon MP560 series Benutzerregistrierung" = Canon MP560 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"Free YouTube Download_is1" = Free YouTube Download version 3.0.19.1206
"FreePDF_XP" = FreePDF (Remove only)
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Medion Touch Center
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5176C4D8-E6C1-422A-8D6F-E13EB996DCEA}" = CyberLink YouMemo
"InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NAVIGON Fresh" = NAVIGON Fresh 3.3.2
"NVIDIA Drivers" = NVIDIA Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Vermeer 2_is1" = Vermeer 2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"WolfTeam-DE" = WolfTeam-DE
"X10Hardware" = X10 Hardware(TM)
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{699D0EFA-5AC2-4DAB-846E-E4EFDA00ACAC}" = RemoteKeySrv
"Akamai" = Akamai NetSession Interface
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.04.2012 03:33:37 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 25.04.2012 03:33:53 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
 ist ungültig.
 
Error - 26.04.2012 10:26:39 | Computer Name = Aguy-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(dc:2b:61:8e:3e:93@fe80::de2b:61ff:fe8e:3e93._apple-mobdev._tcp.local.)
 active for over two minutes. This places considerable burden on the network.
 
Error - 27.04.2012 03:06:16 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171_Vista\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 27.04.2012 03:07:11 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 27.04.2012 03:07:27 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
 ist ungültig.
 
Error - 30.04.2012 07:55:47 | Computer Name = Aguy-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 30.04.2012 08:59:24 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171_Vista\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.04.2012 09:00:11 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.04.2012 09:00:26 | Computer Name = Aguy-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
 Updater\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
 ist ungültig.
 
[ Media Center Events ]
Error - 12.02.2011 12:29:49 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 17:29:48 - Fehler beim Herstellen der Internetverbindung.  17:29:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.08.2011 02:35:33 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 08:35:31 - Fehler beim Herstellen der Internetverbindung.  08:35:31 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.08.2011 03:36:07 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 09:36:07 - Fehler beim Herstellen der Internetverbindung.  09:36:07 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 04.08.2011 04:36:41 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 10:36:41 - Fehler beim Herstellen der Internetverbindung.  10:36:41 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.09.2011 06:11:21 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 12:11:21 - Fehler beim Herstellen der Internetverbindung.  12:11:21 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.09.2011 06:11:30 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 12:11:26 - Fehler beim Herstellen der Internetverbindung.  12:11:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.11.2011 06:51:22 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 11:51:22 - Fehler beim Herstellen der Internetverbindung.  11:51:22 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.11.2011 06:51:56 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 11:51:51 - Fehler beim Herstellen der Internetverbindung.  11:51:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.11.2011 12:03:54 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 17:03:53 - Fehler beim Herstellen der Internetverbindung.  17:03:54 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.11.2011 12:04:27 | Computer Name = Aguy-PC | Source = MCUpdate | ID = 0
Description = 17:04:23 - Fehler beim Herstellen der Internetverbindung.  17:04:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 03.06.2012 04:48:46 | Computer Name = Aguy-PC | Source = NetBT | ID = 4321
Description = Der Name "AGUY-PC        :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.101  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 03.06.2012 11:18:11 | Computer Name = Aguy-PC | Source = NetBT | ID = 4321
Description = Der Name "AGUY-PC        :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.101  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 08.06.2012 09:22:53 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 09.06.2012 08:43:07 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 11.06.2012 13:44:58 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 19.06.2012 09:57:21 | Computer Name = Aguy-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.07.2012 11:42:34 | Computer Name = Aguy-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 21.07.2012 14:48:04 | Computer Name = Aguy-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?07.?2012 um 20:43:19 unerwartet heruntergefahren.
 
Error - 22.07.2012 04:31:37 | Computer Name = Aguy-PC | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.
 
Error - 28.07.2012 06:19:05 | Computer Name = Aguy-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?07.?2012 um 12:09:26 unerwartet heruntergefahren.
 
 
< End of report >

[Schumacher76]

Code:

 OTL logfile created on: 30.07.2012 20:38:44 - Run 2
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Naci\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,54% Memory free
5,99 Gb Paging File | 4,51 Gb Available in Paging File | 75,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 53,82 Gb Free Space | 55,16% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 765,76 Gb Free Space | 91,83% Space Free | Partition Type: NTFS
Drive E: | 696,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: AGUY-PC | User Name: Naci | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Naci\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Naci\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Programme\RemoteKeySrv\RemoteKeySrv.exe (Wistron Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (RemoteKeySrv) -- C:\Programme\RemoteKeySrv\RemoteKeySrv.exe (Wistron Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (hwpsgt) -- C:\Windows\System32\drivers\hwpsgt.sys ()
DRV - (lemsgt) -- C:\Windows\System32\drivers\lemsgt.sys ()
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (NxpCap) -- C:\Windows\System32\drivers\NxpCap.sys (NXP Semiconductors Germany GmbH)
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (hidkmdf) -- C:\Windows\System32\drivers\hidkmdf.sys (Windows (R) Win 7 DDK provider)
DRV - (NW1950) -- C:\Windows\System32\drivers\NW1950.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (genport) -- C:\Programme\RemoteKeySrv\GENPORT.sys (Wistron)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 A1 EC 22 32 A8 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.28 19:25:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.22 10:53:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.28 19:25:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.22 10:53:12 | 000,000,000 | ---D | M]
 
[2010.12.30 17:25:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Naci\AppData\Roaming\mozilla\Extensions
[2012.07.30 19:03:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Naci\AppData\Roaming\mozilla\Firefox\Profiles\y5fqs1ia.default\extensions
[2012.07.22 10:53:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.22 10:53:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.07.28 19:25:25 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.22 16:01:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.22 16:01:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.22 16:01:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.22 16:01:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.22 16:01:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.22 16:01:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Naci\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Spotify] "C:\Users\Naci\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Naci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Naci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RemoteKeySrv.lnk = C:\Programme\RemoteKeySrv\RemoteKeySrv.exe (Wistron Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Naci\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C561652-E7FB-4DCA-BC8D-7260E2673116}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DDFFE6B-ECEF-4BB5-8EFE-D18EB0FE02B0}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{89c9c78d-61fc-11e1-9534-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{89c9c78d-61fc-11e1-9534-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{f572d32e-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d32e-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f572d332-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d332-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f572d371-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d371-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f572d374-3087-11e0-9d26-1c4bd6033c03}\Shell - "" = AutoRun
O33 - MountPoints2\{f572d374-3087-11e0-9d26-1c4bd6033c03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.30 19:22:23 | 000,000,000 | ---D | C] -- C:\Users\Naci\AppData\Roaming\Malwarebytes
[2012.07.30 19:21:58 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.30 19:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.30 19:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.30 19:07:47 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Naci\Desktop\OTL.exe
[2012.07.22 14:21:19 | 000,000,000 | ---D | C] -- C:\Users\Naci\Desktop\Istanbul 2012
[2012.07.22 10:53:12 | 000,476,976 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012.07.14 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Naci\AppData\Local\Macromedia
[2012.07.14 12:01:29 | 000,000,000 | ---D | C] -- C:\Users\Naci\Desktop\Musik-Videos
[2012.07.11 22:56:59 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 08:12:33 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.11 08:12:31 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012.07.11 08:12:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012.07.07 15:21:39 | 000,000,000 | ---D | C] -- C:\Users\Naci\AppData\Local\{56009EB3-8CB8-4FA8-BF1D-7C032452D605}
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.30 19:21:59 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.30 19:07:54 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Naci\Desktop\OTL.exe
[2012.07.30 18:37:03 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 18:37:03 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.30 18:34:15 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.30 18:34:15 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.30 18:34:15 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.30 18:34:15 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.30 18:29:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.30 18:29:30 | 2414,432,256 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 10:53:06 | 000,476,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012.07.22 10:53:06 | 000,472,880 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.07.22 10:53:06 | 000,157,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.07.22 10:53:06 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.07.22 10:53:06 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.07.14 11:55:06 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.14 11:55:06 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.12 09:16:53 | 000,366,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.07.30 19:21:59 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.12 17:10:15 | 000,001,082 | ---- | C] () -- C:\Users\Naci\OpenOffice.org 3.3.lnk
[2012.04.12 16:11:45 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012.04.12 16:11:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2012.02.07 20:33:58 | 000,016,384 | ---- | C] () -- C:\Users\Naci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.21 17:43:12 | 000,137,344 | ---- | C] () -- C:\Windows\System32\drivers\hwpsgt.sys
[2011.11.21 17:42:53 | 000,009,472 | ---- | C] () -- C:\Windows\System32\drivers\lemsgt.sys
[2011.11.21 17:42:47 | 000,001,198 | ---- | C] () -- C:\Users\Naci\Vermeer 2.lnk
[2011.10.20 10:24:25 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.08.23 14:08:05 | 000,003,446 | ---- | C] () -- C:\Users\Naci\AppData\Roaming\wklnhst.dat
[2011.05.21 09:51:48 | 000,341,504 | ---- | C] () -- C:\Windows\System32\msdrm.dll
[2011.05.21 09:51:10 | 000,227,328 | ---- | C] () -- C:\Windows\System32\taskmgr.exe
[2011.05.21 09:51:09 | 001,188,864 | ---- | C] () -- C:\Windows\System32\DiagCpl.dll
[2011.05.21 09:50:49 | 000,270,336 | ---- | C] () -- C:\Windows\System32\sethc.exe
[2011.05.21 09:50:17 | 001,164,800 | ---- | C] () -- C:\Windows\System32\UIRibbonRes.dll
[2011.04.29 22:31:53 | 000,000,618 | ---- | C] () -- C:\Windows\eReg.dat
[2010.12.30 16:08:46 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010.12.30 15:53:31 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010.12.30 15:53:31 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.12.30 15:52:45 | 000,007,648 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2010.12.30 15:52:45 | 000,000,480 | ---- | C] () -- C:\Windows\11317231_001416BE_ca.bin
[2010.12.30 15:52:45 | 000,000,480 | ---- | C] () -- C:\Windows\11317231_001316BE_ca.bin
[2010.12.30 15:52:45 | 000,000,480 | ---- | C] () -- C:\Windows\11317231_001216BE_ca.bin
[2010.12.30 15:43:41 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.12.30 15:40:51 | 000,013,224 | R--- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
 
========== LOP Check ==========
 
[2012.06.17 01:07:26 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Aeria Games & Entertainment
[2011.01.13 15:34:16 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Amazon
[2011.11.21 17:44:52 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Ascaron Entertainment
[2012.06.24 13:44:44 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Canon
[2011.12.28 14:27:01 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\DVDVideoSoft
[2011.12.28 14:26:52 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.12 16:11:44 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\FreePDF
[2012.04.12 17:12:35 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\OpenOffice.org
[2011.03.25 00:06:34 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\PowerCinema
[2011.08.19 23:19:07 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\TeamViewer
[2011.08.28 13:54:58 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Template
[2011.08.06 21:08:15 | 000,000,000 | ---D | M] -- C:\Users\Naci\AppData\Roaming\Windows Live Writer
[2012.06.12 19:53:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

[kira]

Punkt 3. fehlt noch

Hast du in der letzten Zeit:

• Irgendwas an deinem System geändert?
• Programme/Treiber/Spiele installiert,Update gezogen..etc - und waren die Quellen sicher?

[Schumacher76]

Hallo Kira,

am System habe ich soviel ich weiß nichts geändert. Java und Adobe hatte mir eine Update Benachrichtigung geschickt, die ich akzeptiert bzw. aktualisiert habe! Ansonsten fällt mir nichts ein im Moment!

Hier noch Punkt 3 :

Code:

 Adobe AIR	Adobe Systems Incorporated	17.10.2011		3.0.0.4080
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	12.10.2011	6,00MB	11.0.1.152
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	14.07.2012	6,00MB	11.3.300.265
Adobe Reader X (10.1.3) - Deutsch	Adobe Systems Incorporated	12.04.2012	168MB	10.1.3
Aeria Ignite	Aeria Games & Entertainment	17.06.2012		1.7.1238
Akamai NetSession Interface	Akamai Technologies, Inc	22.06.2012		
Amazon MP3-Downloader 1.0.9		13.01.2011		
Apple Application Support	Apple Inc.	21.12.2011	61,1MB	2.1.6
Apple Mobile Device Support	Apple Inc.	18.11.2011	24,0MB	4.0.0.97
Apple Software Update	Apple Inc.	26.07.2011	2,38MB	2.1.3.127
Avira Free Antivirus	Avira	28.05.2012	124MB	12.0.0.1125
BMWi Updater	A2C Software AG, Aachen	17.10.2011		1.0
BMWi-Businessplaner Fuehren	UNKNOWN	17.10.2011		1.0
BMWi-Businessplaner Gruenden	UNKNOWN	17.10.2011		1.0
BMWi-Softwarepaket 10	A2C Software AG	17.10.2011		10.0
Bonjour	Apple Inc.	18.11.2011	1,02MB	3.0.0.10
Canon MP Navigator EX 3.0		13.01.2011		
Canon MP560 series Benutzerregistrierung		13.01.2011		
Canon MP560 series MP Drivers		13.01.2011		
Canon Utilities My Printer		13.01.2011		
CCleaner	Piriform	24.07.2012		3.21
Command & Conquer Generals	Electronic Arts	05.11.2011	1,51GB	0.50.0000
Compatibility Pack für 2007 Office System	Microsoft Corporation	10.05.2012	178MB	12.0.6612.1000
CorelDRAW Essentials 4	Corel Corporation	30.12.2010		
CorelDRAW Essentials 4 - Extra Content	Corel Corporation	30.12.2010		
CorelDRAW Essentials 4 - Windows Shell Extension	Corel Corporation	30.12.2010	2,93MB	
CyberLink LabelPrint	CyberLink Corp.	30.12.2010	143MB	2.5.2411
CyberLink MediaShow	CyberLink Corp.	30.12.2010	186MB	4.1.3415
CyberLink PhotoNow	CyberLink Corp.	30.12.2010	21,8MB	1.1.6904
CyberLink Power2Go	CyberLink Corp.	30.12.2010	104MB	6.1.3602c
CyberLink PowerDirector	CyberLink Corp.	30.12.2010	310MB	8.0.2326
CyberLink PowerDVD 9	CyberLink Corp.	30.12.2010	151MB	9.0.2010
CyberLink PowerDVD Copy	CyberLink Corp.	30.12.2010		1.0.6720
CyberLink PowerProducer	CyberLink Corp.	30.12.2010	155MB	5.0.2.2326
CyberLink YouCam	CyberLink Corp.	30.12.2010	131MB	3.0.2423
CyberLink YouMemo	CyberLink Corp.	30.12.2010	75,9MB	1.0.3706
CyberLink YouPaint	CyberLink Corp.	30.12.2010	65,4MB	1.2.1223a
Free YouTube Download version 3.0.19.1206	DVDVideoSoft Ltd.	28.12.2011	68,7MB	
FreePDF (Remove only)		12.04.2012		
iCloud	Apple Inc.	21.12.2011	22,3MB	1.0.2.17
Intel(R) Rapid Storage Technology	Intel Corporation	30.12.2010		9.5.5.1003
Internet-TV für Windows Media Center	Microsoft Corporation	02.01.2012	13,6MB	4.2.2.0
iTunes	Apple Inc.	01.02.2012	170MB	10.5.3.3
Java(TM) 6 Update 22	Oracle	12.04.2012	97,0MB	6.0.220
Java(TM) 6 Update 33	Oracle	22.07.2012	95,6MB	6.0.330
Malwarebytes Anti-Malware Version 1.62.0.1300	Malwarebytes Corporation	30.07.2012	18,7MB	1.62.0.1300
Medion Home Cinema	CyberLink Corp.	30.12.2010	964KB	6.0.0000
Medion Touch Center	CyberLink Corp.	30.12.2010	98,1MB	7.0.3707
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	08.02.2011	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	08.02.2011	2,93MB	4.0.30319
Microsoft PowerPoint Viewer	Microsoft Corporation	17.02.2012	195MB	14.0.6029.1000
Microsoft Silverlight	Microsoft Corporation	24.05.2012	44,7MB	5.1.10411.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	24.01.2012	252KB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	25.07.2011	300KB	8.0.61001
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	13.04.2011	598KB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	30.12.2010	596KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	30.12.2010	596KB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	25.07.2011	600KB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	29.05.2012	12,2MB	10.0.40219
Microsoft Works	Microsoft Corporation	12.04.2012	711MB	9.7.0621
MobileMe Control Panel	Apple Inc.	21.12.2011	12,9MB	3.1.8.0
Mozilla Firefox 14.0.1 (x86 de)	Mozilla	28.07.2012	37,9MB	14.0.1
Mozilla Maintenance Service	Mozilla	28.07.2012	309KB	14.0.1
NAVIGON Fresh 3.3.2	NAVIGON	27.09.2011		3.3.2
NextWindow Drivers	NextWindow	30.12.2010	27,8MB	1.4.114
NVIDIA Drivers	NVIDIA Corporation	30.12.2010		1.10
OpenOffice.org 3.3	OpenOffice.org	12.04.2012	412MB	3.3.9567
QuickTime	Apple Inc.	18.11.2011	73,2MB	7.71.80.42
Realtek Ethernet Controller Driver For Windows Vista and Later	Realtek	30.12.2010		1.00.0011
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	30.12.2010		6.0.1.6015
Realtek USB 2.0 Card Reader	Realtek Semiconductor Corp.	30.12.2010		6.1.7600.30111
REALTEK Wireless LAN Driver	REALTEK Semiconductor Corp.	30.12.2010		1.00.0130
RedMon - Redirection Port Monitor		12.04.2012		
RemoteKeySrv	Wistron Corporation.	30.12.2010		1.0.2.109
Safari	Apple Inc.	21.12.2011	43,2MB	5.34.52.7
Skype™ 5.9	Skype Technologies S.A.	03.05.2012	19,3MB	5.9.114
Vermeer 2	Ascaron Entertainment GmbH	21.11.2011		
WIDCOMM Bluetooth Software	Broadcom Corporation	30.12.2010	88,3MB	6.2.0.9600
Windows Live Essentials	Microsoft Corporation	19.08.2011		15.4.3538.0513
Windows Media Player Firefox Plugin	Microsoft Corp	26.01.2011	296KB	1.0.0.8
WinRAR 4.11 (32-Bit)	win.rar GmbH	27.02.2012		4.11.0
WolfTeam-DE		16.04.2012		
X10 Hardware(TM)		30.12.2010