| |
| |||||||
Log-Analyse und Auswertung: 50€ Forderung bei Windows-StartWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
19.12.2011, 18:31
| #1 |
 |  50€ Forderung bei Windows-Start Hi, Ich hab quasi das selbe Problem wie in folgendem Thread: http://www.trojaner-board.de/106109-...s-7-start.html War mit Firefox (neuste Version) unterwegs, plötzlich öffnete sich scheinbar ein PopUp, was eine Geldforderung anzeigte. Schließen so ging nicht. Alt+F4 half dann. Ein Internet Explorer und Explorer war auch offen, ebenfalls mit Alt+F4 geschlossen. Mein Desktop-Hintergrund wurde nun angezeigt, machen konnte ich aber nix. Reagierte nicht auf Maus oder Tastatur scheinbar. Task Manager über Tastatur ging -> Neustart Befehl. Währenddessen waren im Hintergrund noch genug Programme offen, so dass ich den Neustart verhindern konnte und wieder auf dem "richtigen" Desktop gelandet bin. Heute morgen starte ich dann den PC wieder und direkt öffnet sich ein weißes Fenster (was wohl diese Geldforderung wieder anzeigen sollte). Mit Alt+F4 liess es sich wieder schließen, IE und Explorer Fenster ebenfalls. Aber zum normalen Einsatz kam ich gar nicht mehr. Durch den abgesichteren Modus konnte ich dann "Rant Lend Heinz" (angeblich von Packard Bell) kicken. Seitdem kann ich normal starten und in der Autostart-Liste wird das ebenfalls nicht mehr angezeigt... Sichergehen will ich trotzdem und daher meinen Log hier posten. Also hier mein OTL Log: Code:
ATTFilter OTL logfile created on: 19.12.2011 18:11:53 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Micha\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,16% Memory free 8,00 Gb Paging File | 5,93 Gb Available in Paging File | 74,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,73 Gb Total Space | 1,29 Gb Free Space | 2,65% Space Free | Partition Type: NTFS Drive D: | 785,03 Gb Total Space | 160,37 Gb Free Space | 20,43% Space Free | Partition Type: NTFS Computer Name: M7CHA | User Name: Micha | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Micha\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe () PRC - C:\Program Files (x86)\DVBViewer\DVBVservice.exe (CM & V) PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe () PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.) ========== Modules (No Company Name) ========== MOD - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\lcry2s8f.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko8\WINNT_x86-msvc\SSSLauncher.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (O&O Defrag) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe () SRV - (HotspotShieldService) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe () SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.) SRV - (DVBVRecorder) -- C:\Program Files (x86)\DVBViewer\DVBVservice.exe (CM & V) SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe () SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation) DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\drivers\HssDrv.sys (AnchorFree Inc.) DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (UDST7000HID) -- C:\Windows\SysNative\drivers\UDST7000HID.sys (TechniSat Digital S.A.) DRV:64bit: - (UDST7000BDA) -- C:\Windows\SysNative\drivers\UDST7000BDA.sys (TechniSat Digital S.A.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (ZY202_VS) -- C:\Windows\SysNative\drivers\WlanGZG.sys (Atheros Communications, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://shop.thefreevpn.com/home.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6E 77 1D A8 6C CF CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.xrel.to/releases.html" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Micha\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Micha\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010.12.14 17:21:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010.12.14 17:21:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.08 17:52:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.02 20:58:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6914FB52-C4FC-42DD-AA46-43A6D02A776C}: C:\Users\Micha\AppData\Local\{6914FB52-C4FC-42DD-AA46-43A6D02A776C} [2011.01.25 23:47:32 | 000,000,000 | ---D | M] [2011.08.11 19:23:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions [2011.08.11 19:23:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.12.18 17:42:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\lcry2s8f.default\extensions [2011.12.16 07:21:29 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\lcry2s8f.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2011.11.26 11:45:26 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\lcry2s8f.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011.12.08 19:30:32 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\lcry2s8f.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66} [2011.09.22 13:16:59 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\lcry2s8f.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2011.08.31 14:20:01 | 000,000,000 | ---D | M] ("ImageHost Grabber") -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\lcry2s8f.default\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8} [2011.11.08 17:52:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.04.08 15:21:01 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2011.01.25 23:47:32 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\MICHA\APPDATA\LOCAL\{6914FB52-C4FC-42DD-AA46-43A6D02A776C} () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\{C07D1A49-9894-49FF-A594-38960EDE8FB9}.XPI () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\SECURELOGIN@BLUEIMP.NET.XPI () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\STATUS4EVAR@CALIGONSTUDIOS.COM.XPI () (No name found) -- C:\USERS\MICHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LCRY2S8F.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI [2011.11.08 17:52:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.06.21 15:49:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.06.21 15:49:37 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.06.21 15:49:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.06.21 15:49:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.06.21 15:49:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.06.21 15:49:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Micha\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Micha\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Micha\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Micha\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: DivX HiQ = C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_1\ CHR - Extension: AdBlock = C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.4.29_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_1\ Hosts file not found O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKCU..\Run: [AdobeBridge] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4083B7D6-93C1-4546-8E69-A836839524AA}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B03CCBA5-C47B-40C6-BB87-7FE386CD2366}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7B19686-B466-4226-879D-D95AA3C392CC}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{34412a8f-12a2-11df-8be7-0024215bb3f7}\Shell - "" = AutoRun O33 - MountPoints2\{34412a8f-12a2-11df-8be7-0024215bb3f7}\Shell\AutoRun\command - "" = F:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.12.19 17:35:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Micha\Desktop\OTL.exe [2011.12.14 16:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.12.14 16:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.12.14 16:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.12.14 07:35:39 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.12.14 07:35:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.12.14 07:35:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011.12.14 07:35:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011.12.14 07:35:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.12.14 07:35:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.12.14 07:35:35 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011.12.14 07:35:35 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011.12.14 07:35:35 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011.12.14 07:35:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.12.14 07:35:34 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.12.14 07:34:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2011.12.14 07:33:53 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011.12.14 07:33:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011.12.11 20:40:43 | 000,000,000 | ---D | C] -- C:\Users\Micha\Documents\FILSHtray [2011.12.11 20:40:43 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\FILSH_Media_GmbH [2011.12.11 20:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILSHtray [2011.12.11 20:40:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FILSHtray [2011.12.09 19:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.1 [2011.12.08 14:24:11 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ski Challenge 12 (SRF) [2011.12.08 14:12:53 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\Nitro PDF [2011.12.08 14:12:36 | 000,028,968 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll [2011.12.08 14:12:36 | 000,017,192 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll [2011.12.08 14:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF [2011.12.08 14:11:17 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\Downloaded Installations [2011.11.27 17:05:08 | 000,000,000 | ---D | C] -- C:\Users\Micha\Desktop\éÁéÕé+é±é¦âAâNâVâçâô [2011.11.24 12:43:56 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\Sidhe [2011.11.23 22:46:33 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\Ubisoft Game Launcher [2011.11.23 22:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2011.11.23 22:46:31 | 000,000,000 | ---D | C] -- C:\Users\Micha\Documents\Assassin's Creed Revelations [2011.11.22 21:54:20 | 000,000,000 | ---D | C] -- C:\Users\Micha\.android [2011.11.22 21:54:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Android [2011.11.20 18:34:53 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Roaming\2K Sports [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.12.19 18:12:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2034920276-3348135786-2086485318-1000UA.job [2011.12.19 17:35:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Micha\Desktop\OTL.exe [2011.12.19 17:12:53 | 004,000,705 | ---- | M] () -- C:\Users\Micha\Desktop\Spank.MP3.mp3 [2011.12.19 17:12:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2034920276-3348135786-2086485318-1000Core.job [2011.12.19 16:33:07 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.19 16:33:07 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.19 16:27:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.12.19 16:27:43 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2011.12.19 16:27:42 | 002,081,616 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2011.12.18 21:09:49 | 001,644,406 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.12.18 21:09:49 | 000,707,916 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.12.18 21:09:49 | 000,661,512 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.12.18 21:09:49 | 000,153,402 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.12.18 21:09:49 | 000,125,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.12.18 20:55:02 | 004,878,836 | ---- | M] () -- C:\Users\Micha\Desktop\CAZZETTE vs Kanye West, Rick Ross, Jay-Z, Bon Iver & Nikki Minaj - I'm A Motherf_king Monster - Cazzette.mp3 [2011.12.18 20:51:04 | 007,010,338 | ---- | M] () -- C:\Users\Micha\Desktop\CAZZETTE vs Kanye West, Rick Ross, Jay-Z, Bon Iver & Nikki Minaj -- I m A Motherf__king Monster.mp3 [2011.12.18 20:12:45 | 125,315,075 | ---- | M] () -- C:\Users\Micha\Desktop\Laidback Luke at Dirty Dutch Blackout (Air, Amsterdam) 17.12.2011.mp3 [2011.12.18 20:12:38 | 113,353,237 | ---- | M] () -- C:\Users\Micha\Desktop\Chuckie at Dirty Dutch Blackout - Amsterdam 17.12.2011 [exQlusiv.com].mp3 [2011.12.17 19:21:54 | 193,479,189 | ---- | M] () -- C:\Users\Micha\Desktop\Tiësto at Mission Impossible Premiere - Rio de Janeiro, Brasil 14.12.2011 [exQlusiv.com].mp3 [2011.12.17 12:41:00 | 095,703,661 | ---- | M] () -- C:\Users\Micha\Desktop\01-fedde_le_grand_-_live_at_pacha_(nyc)-sat-12-09-2011-talion.mp3 [2011.12.17 11:50:32 | 112,608,697 | ---- | M] () -- C:\Users\Micha\Desktop\Swedish House Mafia at Madison Square Garden, New York 16.12.2011 [exQlusiv.com].mp3 [2011.12.17 10:39:06 | 185,287,975 | ---- | M] () -- C:\Users\Micha\Desktop\01-sebastian_ingrosso_-_live_at_glow_washington_(dc)-sat-11-23-2011-talion.mp3 [2011.12.17 06:19:19 | 163,866,484 | ---- | M] () -- C:\Users\Micha\Desktop\01-skrillex_-_mothership_002-sat-12-16-2011-talion.mp3 [2011.12.17 02:22:28 | 097,788,381 | ---- | M] () -- C:\Users\Micha\Desktop\01-david_guetta-fuck_me_i_am_famous_(538)-sat-17-12-2011-1king.mp3 [2011.12.17 01:12:33 | 097,480,766 | ---- | M] () -- C:\Users\Micha\Desktop\01-afrojack_and_bobby_burns-jacked_(538)-sat-17-12-2011-1king.mp3 [2011.12.16 07:37:42 | 173,614,161 | ---- | M] () -- C:\Users\Micha\Desktop\swanky_tunes_-_2011_annual_report.mp3 [2011.12.15 19:55:05 | 009,006,535 | ---- | M] () -- C:\Users\Micha\Desktop\Skrillex - THE DISCO RANGERS BUS (KNOWS HOT TO ROCK N ROLL).mp3 [2011.12.14 11:55:21 | 005,173,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.12.13 19:44:10 | 000,354,760 | ---- | M] () -- C:\Users\Micha\Desktop\chuckie.jpg [2011.12.13 16:56:10 | 000,054,096 | ---- | M] () -- C:\Users\Micha\Desktop\sakamoto_0005.JPG.jpg [2011.12.13 16:56:08 | 000,054,174 | ---- | M] () -- C:\Users\Micha\Desktop\sakamoto_0004.JPG.jpg [2011.12.13 16:56:05 | 000,052,766 | ---- | M] () -- C:\Users\Micha\Desktop\sakamoto_0003.JPG.jpg [2011.12.13 16:56:03 | 000,054,636 | ---- | M] () -- C:\Users\Micha\Desktop\sakamoto_0002.JPG.jpg [2011.12.13 16:56:00 | 000,049,596 | ---- | M] () -- C:\Users\Micha\Desktop\sakamoto_0001.JPG.jpg [2011.12.13 16:55:56 | 000,047,476 | ---- | M] () -- C:\Users\Micha\Desktop\sakamoto_0000.JPG.jpg [2011.12.13 16:52:26 | 000,196,091 | ---- | M] () -- C:\Users\Micha\Desktop\6477995007_0cf53aa3ac_b.jpg [2011.12.13 16:52:20 | 000,319,821 | ---- | M] () -- C:\Users\Micha\Desktop\6477998897_fc5b269567_b.jpg [2011.12.13 16:52:14 | 000,219,459 | ---- | M] () -- C:\Users\Micha\Desktop\6478001463_1fc94bd010_b.jpg [2011.12.13 16:52:08 | 000,223,256 | ---- | M] () -- C:\Users\Micha\Desktop\6478216729_ca9380f946_b.jpg [2011.12.13 16:52:03 | 000,204,846 | ---- | M] () -- C:\Users\Micha\Desktop\6478218115_6304186c0d_b.jpg [2011.12.13 16:51:57 | 000,121,565 | ---- | M] () -- C:\Users\Micha\Desktop\6478219463_2a125e1e7e_b.jpg [2011.12.13 14:15:11 | 000,275,859 | ---- | M] () -- C:\Users\Micha\Desktop\img_8706.jpg [2011.12.13 14:09:06 | 000,055,809 | ---- | M] () -- C:\Users\Micha\Desktop\Maria2.jpg [2011.12.13 14:05:37 | 000,055,427 | ---- | M] () -- C:\Users\Micha\Desktop\Maria1.jpg [2011.12.12 18:33:42 | 000,533,972 | ---- | M] () -- C:\Users\Micha\Desktop\Grammys-Joel-Zimmerman-84695074_10.jpg [2011.12.12 18:33:21 | 000,117,219 | ---- | M] () -- C:\Users\Micha\Desktop\Deadmau5-thumb-966x1024-86514.jpg [2011.12.12 18:30:43 | 000,031,762 | ---- | M] () -- C:\Users\Micha\Desktop\l_208ecab28ce90ddccf712500c240c96f.jpg [2011.12.11 20:41:27 | 013,494,125 | ---- | M] () -- C:\Users\Micha\Desktop\Ian Carey feat. Rosette & Timbaland - Amnesia (Cazzette Remix).mp3 [2011.12.09 18:00:30 | 000,146,828 | ---- | M] () -- C:\Users\Micha\Documents\cc_20111209_180025.reg [2011.12.09 07:34:17 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.12.08 19:17:43 | 088,160,965 | ---- | M] () -- C:\Users\Micha\Desktop\RBUVp7icBx32.mp3 [2011.12.08 14:29:44 | 000,054,913 | ---- | M] () -- C:\Users\Micha\Desktop\FOA_featuringNervo_copy-e1319561255814.jpg [2011.12.08 14:27:01 | 000,816,088 | ---- | M] () -- C:\Users\Micha\Desktop\Nervo-ICanGiveYouHouse.Com_.jpg [2011.12.08 14:24:11 | 000,000,817 | ---- | M] () -- C:\Users\Micha\Desktop\Ski Challenge 12 (SRF) starten.lnk [2011.11.30 15:31:23 | 000,008,479 | ---- | M] () -- C:\Users\Micha\Desktop\Dglucsoe.png [2011.11.29 15:41:30 | 014,182,400 | ---- | M] () -- C:\Users\Micha\Desktop\Avicii & Nicky Romero - ID .www.music4you.hu.mp3 [2011.11.26 14:00:54 | 000,011,986 | ---- | M] () -- C:\Users\Micha\Desktop\361px-DL-Glucose.svg.png [2011.11.26 13:58:29 | 000,028,135 | ---- | M] () -- C:\Users\Micha\Desktop\534px-Amylopektin_Haworth.svg.png [2011.11.22 16:46:27 | 000,175,836 | ---- | M] () -- C:\Users\Micha\Desktop\6378312119_85974c4130_b.jpg [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.12.19 17:12:52 | 004,000,705 | ---- | C] () -- C:\Users\Micha\Desktop\Spank.MP3.mp3 [2011.12.18 20:54:23 | 004,878,836 | ---- | C] () -- C:\Users\Micha\Desktop\CAZZETTE vs Kanye West, Rick Ross, Jay-Z, Bon Iver & Nikki Minaj - I'm A Motherf_king Monster - Cazzette.mp3 [2011.12.18 20:50:59 | 007,010,338 | ---- | C] () -- C:\Users\Micha\Desktop\CAZZETTE vs Kanye West, Rick Ross, Jay-Z, Bon Iver & Nikki Minaj -- I m A Motherf__king Monster.mp3 [2011.12.18 20:10:04 | 113,353,237 | ---- | C] () -- C:\Users\Micha\Desktop\Chuckie at Dirty Dutch Blackout - Amsterdam 17.12.2011 [exQlusiv.com].mp3 [2011.12.18 20:10:00 | 125,315,075 | ---- | C] () -- C:\Users\Micha\Desktop\Laidback Luke at Dirty Dutch Blackout (Air, Amsterdam) 17.12.2011.mp3 [2011.12.17 19:19:19 | 193,479,189 | ---- | C] () -- C:\Users\Micha\Desktop\Tiësto at Mission Impossible Premiere - Rio de Janeiro, Brasil 14.12.2011 [exQlusiv.com].mp3 [2011.12.17 15:25:49 | 112,608,697 | ---- | C] () -- C:\Users\Micha\Desktop\Swedish House Mafia at Madison Square Garden, New York 16.12.2011 [exQlusiv.com].mp3 [2011.12.17 15:25:37 | 163,866,484 | ---- | C] () -- C:\Users\Micha\Desktop\01-skrillex_-_mothership_002-sat-12-16-2011-talion.mp3 [2011.12.17 15:25:26 | 185,287,975 | ---- | C] () -- C:\Users\Micha\Desktop\01-sebastian_ingrosso_-_live_at_glow_washington_(dc)-sat-11-23-2011-talion.mp3 [2011.12.17 15:09:23 | 095,703,661 | ---- | C] () -- C:\Users\Micha\Desktop\01-fedde_le_grand_-_live_at_pacha_(nyc)-sat-12-09-2011-talion.mp3 [2011.12.17 15:08:22 | 097,788,381 | ---- | C] () -- C:\Users\Micha\Desktop\01-david_guetta-fuck_me_i_am_famous_(538)-sat-17-12-2011-1king.mp3 [2011.12.17 14:44:56 | 097,480,766 | ---- | C] () -- C:\Users\Micha\Desktop\01-afrojack_and_bobby_burns-jacked_(538)-sat-17-12-2011-1king.mp3 [2011.12.16 07:29:58 | 173,614,161 | ---- | C] () -- C:\Users\Micha\Desktop\swanky_tunes_-_2011_annual_report.mp3 [2011.12.15 19:55:02 | 009,006,535 | ---- | C] () -- C:\Users\Micha\Desktop\Skrillex - THE DISCO RANGERS BUS (KNOWS HOT TO ROCK N ROLL).mp3 [2011.12.13 19:44:09 | 000,354,760 | ---- | C] () -- C:\Users\Micha\Desktop\chuckie.jpg [2011.12.13 16:56:10 | 000,054,096 | ---- | C] () -- C:\Users\Micha\Desktop\sakamoto_0005.JPG.jpg [2011.12.13 16:56:07 | 000,054,174 | ---- | C] () -- C:\Users\Micha\Desktop\sakamoto_0004.JPG.jpg [2011.12.13 16:56:05 | 000,052,766 | ---- | C] () -- C:\Users\Micha\Desktop\sakamoto_0003.JPG.jpg [2011.12.13 16:56:02 | 000,054,636 | ---- | C] () -- C:\Users\Micha\Desktop\sakamoto_0002.JPG.jpg [2011.12.13 16:55:59 | 000,049,596 | ---- | C] () -- C:\Users\Micha\Desktop\sakamoto_0001.JPG.jpg [2011.12.13 16:55:55 | 000,047,476 | ---- | C] () -- C:\Users\Micha\Desktop\sakamoto_0000.JPG.jpg [2011.12.13 16:52:25 | 000,196,091 | ---- | C] () -- C:\Users\Micha\Desktop\6477995007_0cf53aa3ac_b.jpg [2011.12.13 16:52:19 | 000,319,821 | ---- | C] () -- C:\Users\Micha\Desktop\6477998897_fc5b269567_b.jpg [2011.12.13 16:52:14 | 000,219,459 | ---- | C] () -- C:\Users\Micha\Desktop\6478001463_1fc94bd010_b.jpg [2011.12.13 16:52:08 | 000,223,256 | ---- | C] () -- C:\Users\Micha\Desktop\6478216729_ca9380f946_b.jpg [2011.12.13 16:52:02 | 000,204,846 | ---- | C] () -- C:\Users\Micha\Desktop\6478218115_6304186c0d_b.jpg [2011.12.13 16:51:56 | 000,121,565 | ---- | C] () -- C:\Users\Micha\Desktop\6478219463_2a125e1e7e_b.jpg [2011.12.13 14:15:10 | 000,275,859 | ---- | C] () -- C:\Users\Micha\Desktop\img_8706.jpg [2011.12.13 14:09:05 | 000,055,809 | ---- | C] () -- C:\Users\Micha\Desktop\Maria2.jpg [2011.12.13 14:05:36 | 000,055,427 | ---- | C] () -- C:\Users\Micha\Desktop\Maria1.jpg [2011.12.12 18:33:41 | 000,533,972 | ---- | C] () -- C:\Users\Micha\Desktop\Grammys-Joel-Zimmerman-84695074_10.jpg [2011.12.12 18:33:20 | 000,117,219 | ---- | C] () -- C:\Users\Micha\Desktop\Deadmau5-thumb-966x1024-86514.jpg [2011.12.12 18:30:42 | 000,031,762 | ---- | C] () -- C:\Users\Micha\Desktop\l_208ecab28ce90ddccf712500c240c96f.jpg [2011.12.11 20:41:14 | 013,494,125 | ---- | C] () -- C:\Users\Micha\Desktop\Ian Carey feat. Rosette & Timbaland - Amnesia (Cazzette Remix).mp3 [2011.12.09 18:00:26 | 000,146,828 | ---- | C] () -- C:\Users\Micha\Documents\cc_20111209_180025.reg [2011.12.08 19:16:48 | 088,160,965 | ---- | C] () -- C:\Users\Micha\Desktop\RBUVp7icBx32.mp3 [2011.12.08 14:29:43 | 000,054,913 | ---- | C] () -- C:\Users\Micha\Desktop\FOA_featuringNervo_copy-e1319561255814.jpg [2011.12.08 14:27:00 | 000,816,088 | ---- | C] () -- C:\Users\Micha\Desktop\Nervo-ICanGiveYouHouse.Com_.jpg [2011.12.08 14:24:11 | 000,000,817 | ---- | C] () -- C:\Users\Micha\Desktop\Ski Challenge 12 (SRF) starten.lnk [2011.11.30 15:31:22 | 000,008,479 | ---- | C] () -- C:\Users\Micha\Desktop\Dglucsoe.png [2011.11.29 15:41:21 | 014,182,400 | ---- | C] () -- C:\Users\Micha\Desktop\Avicii & Nicky Romero - ID .www.music4you.hu.mp3 [2011.11.26 14:00:53 | 000,011,986 | ---- | C] () -- C:\Users\Micha\Desktop\361px-DL-Glucose.svg.png [2011.11.26 13:58:27 | 000,028,135 | ---- | C] () -- C:\Users\Micha\Desktop\534px-Amylopektin_Haworth.svg.png [2011.11.22 16:46:25 | 000,175,836 | ---- | C] () -- C:\Users\Micha\Desktop\6378312119_85974c4130_b.jpg [2011.10.14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.07.21 13:02:29 | 000,165,376 | ---- | C] () -- C:\Windows\UNWISE.EXE [2011.04.22 15:44:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.03.16 17:06:33 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.02.16 15:02:36 | 000,000,600 | ---- | C] () -- C:\Users\Micha\AppData\Local\PUTTY.RND [2011.01.25 23:47:34 | 000,000,120 | ---- | C] () -- C:\Users\Micha\AppData\Local\Spewakoroxaziva.dat [2011.01.25 23:47:34 | 000,000,000 | ---- | C] () -- C:\Users\Micha\AppData\Local\Aduxohilo.bin [2011.01.14 00:15:43 | 000,000,000 | ---- | C] () -- C:\Users\Micha\AppData\Roaming\chrtmp [2010.12.10 15:00:37 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2010.12.10 15:00:23 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010.12.09 16:11:31 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010.12.09 16:10:13 | 000,917,504 | ---- | C] () -- C:\Windows\SysWow64\dtsdecoderdll.dll [2010.12.09 16:10:13 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2010.12.09 15:58:39 | 001,621,364 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.11.23 14:01:17 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat [2010.10.28 13:54:15 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\GkSui18.EXE [2010.09.27 13:03:32 | 000,000,078 | ---- | C] () -- C:\Windows\wininit.ini [2010.07.15 10:02:13 | 000,005,870 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.07.14 14:33:33 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.05.30 16:52:55 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.05.28 14:59:13 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.05.25 16:07:47 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll [2010.05.25 16:07:47 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll [2010.04.25 13:56:19 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010.04.25 13:56:19 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010.04.21 15:30:52 | 000,013,030 | ---- | C] () -- C:\Users\Micha\AppData\Local\PDOXUSRS.NET [2010.04.16 18:42:53 | 000,000,600 | ---- | C] () -- C:\Users\Micha\AppData\Roaming\winscp.rnd [2010.02.16 22:09:51 | 000,234,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.02.16 22:09:50 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.02.12 20:03:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.03.18 14:16:04 | 000,540,178 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2005.04.08 03:16:43 | 000,040,879 | -H-- | C] () -- C:\Users\Micha\AppData\Roaming\cglogs.dat [2000.08.02 20:47:20 | 000,026,112 | ---- | C] () -- C:\Windows\RunUnDrv.exe ========== LOP Check ========== [2010.12.22 15:25:09 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\114C6A7697BEF67CA616F57D29F52507 [2011.11.20 18:34:53 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\2K Sports [2010.07.22 19:06:50 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\abgx360 [2010.07.15 12:03:32 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Ashampoo [2010.05.02 08:10:49 | 000,000,000 | RHSD | M] -- C:\Users\Micha\AppData\Roaming\Boot [2011.12.09 17:52:47 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\DAEMON Tools Lite [2011.12.08 14:11:17 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Downloaded Installations [2011.02.27 17:29:52 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Duden [2011.11.01 22:39:33 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Feedreader [2011.12.19 17:11:59 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\FileZilla [2011.10.10 20:48:30 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Foxit Software [2010.05.01 14:25:08 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\FVZilla [2010.03.15 17:20:12 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\ImgBurn [2011.01.23 17:33:20 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\IrfanView [2011.11.10 19:14:58 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\jAlbum [2010.02.11 12:19:52 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\L4dOgerLauncher [2010.05.13 14:58:15 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Leadertech [2010.12.14 17:21:36 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Local [2011.03.01 17:26:55 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\LolClient [2011.10.23 14:15:20 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Mp3tag [2011.12.08 14:13:52 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Nitro PDF [2010.06.16 18:18:03 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Opera [2011.07.17 23:14:07 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Orbit [2011.10.19 11:54:55 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Origin [2011.07.17 23:12:07 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\ProgSense [2011.03.16 17:06:32 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\PunkBuster [2010.08.04 15:03:35 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\QIP [2010.09.29 19:37:51 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010.11.06 19:06:51 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Stealth Software [2011.01.12 19:28:21 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Thinstall [2010.07.08 20:08:41 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\TomTom [2011.12.09 17:52:45 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\TS3Client [2011.04.22 19:41:36 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Tunngle [2010.03.24 12:35:58 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Ubisoft [2011.12.19 18:03:51 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\X-Chat 2 [2011.01.18 16:59:56 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\XnView [2010.05.17 13:52:41 | 000,000,000 | ---D | M] -- C:\Users\Micha\AppData\Roaming\Youtube Downloader HD [2011.12.03 18:13:28 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:E2047556A8055CD6 < End of report > Code:
ATTFilter OTL Extras logfile created on: 19.12.2011 18:11:53 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Micha\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,16% Memory free
8,00 Gb Paging File | 5,93 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 1,29 Gb Free Space | 2,65% Space Free | Partition Type: NTFS
Drive D: | 785,03 Gb Total Space | 160,37 Gb Free Space | 20,43% Space Free | Partition Type: NTFS
Computer Name: M7CHA | User Name: Micha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1AC8E6A-6C47-4B6D-A853-B4BF5C83421C}_is1" = iNFekt NFO Viewer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC84C1E9-F4D4-4B8E-B35C-C88EEA0A5201}" = O&O Defrag Professional
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 12 DEMO
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.6
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793FCE60-DE5E-4977-A942-A7B69A45B17D}" = MainConcept DTV Decoder Pro
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5D78EFC-A9C1-44F3-81CB-D42C5DF8EA09}" = Speedport W 101 Stick WLAN Manager
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CE9F9FBC-5253-46D2-9883-09E55003D794}" = TechniSat DVB-PC TV Star
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"ArgoUML" = ArgoUML 0.30.2
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.21
"Avira AntiVir Desktop" = Avira Free Antivirus
"BlueJ_is1" = BlueJ 3.0.4
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DVBViewer Pro_is1" = DVBViewer Pro
"DVBViewer Recording Service_is1" = DVBViewer Recording Service
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"FileZilla Client" = FileZilla Client 3.5.2
"Foxit Reader_is1" = Foxit Reader 5.1
"Hamachi" = Hamachi 1.0.1.2
"HotspotShield" = Hotspot Shield 1.56
"ImgBurn" = ImgBurn
"LastFM_is1" = Last.fm 1.5.4.27091
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mp3tag" = Mp3tag v2.49
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 11.60.1185" = Opera 11.60
"Origin" = Origin
"PSPad editor_is1" = PSPad editor
"Steam App 10" = Counter-Strike
"SystemRequirementsLab" = System Requirements Lab
"TomTom HOME" = TomTom HOME 2.8.2.2264
"VLC media player" = VLC media player 1.1.11
"Wget-1.11.4-1_is1" = GnuWin32: Wget-1.11.4-1
"WinLiveSuite" = Windows Live Essentials
"Wondershare LiveBoot 2012_is1" = Wondershare LiveBoot 2012 (Build 7.0.1)
"xchat" = XChat 2 (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.6
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
"sc12-CH_SF" = Ski Challenge 12 (SRF)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02.03.2011 11:42:34 | Computer Name = M7cha | Source = MsiInstaller | ID = 1023
Description =
Error - 02.03.2011 11:42:52 | Computer Name = M7cha | Source = MsiInstaller | ID = 10005
Description =
Error - 02.03.2011 11:42:53 | Computer Name = M7cha | Source = MsiInstaller | ID = 1023
Description =
Error - 03.03.2011 05:56:21 | Computer Name = M7cha | Source = MsiInstaller | ID = 11316
Description =
Error - 04.03.2011 18:14:41 | Computer Name = M7cha | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 04.03.2011 18:14:41 | Computer Name = M7cha | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15584
Error - 04.03.2011 18:14:41 | Computer Name = M7cha | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15584
Error - 07.03.2011 04:30:18 | Computer Name = M7cha | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: xchat.exe, Version: 2.8.7.5, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: minigtk.dll, Version: 2.8.0.2870, Zeitstempel:
0x483a89a9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00019944 ID des fehlerhaften Prozesses:
0xd80 Startzeit der fehlerhaften Anwendung: 0x01cbdc9fdf71471e Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\xchat\xchat.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\xchat\minigtk.dll Berichtskennung: 219ec71b-4895-11e0-89e9-0024215bb3f7
Error - 07.03.2011 09:37:15 | Computer Name = M7cha | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Traktor.exe, Version: 0.0.0.0, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
0x4ce7ba58 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000343b6 ID des fehlerhaften Prozesses:
0x368 Startzeit der fehlerhaften Anwendung: 0x01cbdcccacc751aa Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Native Instruments\Traktor\Traktor.exe Pfad des
fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 02dce823-48c0-11e0-89e9-0024215bb3f7
Error - 07.03.2011 09:37:40 | Computer Name = M7cha | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Traktor.exe, Version: 0.0.0.0, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
0x4ce7ba58 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000343b6 ID des fehlerhaften Prozesses:
0x10f0 Startzeit der fehlerhaften Anwendung: 0x01cbdcccc7c8dc85 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Native Instruments\Traktor\Traktor.exe Pfad des
fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 11ff079d-48c0-11e0-89e9-0024215bb3f7
[ OSession Events ]
Error - 02.03.2011 10:34:39 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 09.03.2011 17:30:18 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 6 seconds with 0 seconds of active time. This session ended with a crash.
Error - 09.03.2011 17:30:24 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.03.2011 12:00:38 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29.03.2011 12:15:42 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 06.04.2011 16:24:08 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.12.2011 09:13:57 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.12.2011 13:22:38 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 08.12.2011 13:22:47 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 16.12.2011 02:54:07 | Computer Name = M7cha | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 19.12.2011 11:27:29 | Computer Name = M7cha | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 19.12.2011 11:27:38 | Computer Name = M7cha | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 19.12.2011 11:27:49 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 19.12.2011 11:27:51 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 19.12.2011 11:27:56 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 19.12.2011 11:28:20 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 19.12.2011 11:28:21 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 19.12.2011 11:28:35 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 19.12.2011 11:28:40 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 19.12.2011 11:28:40 | Computer Name = M7cha | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
< End of report >
|
| Themen zu 50€ Forderung bei Windows-Start |
| 64-bit, 7-zip, adblock, alternate, antivir, application/pdf, application/pdf:, avira, bho, bonjour, c:\windows\system32\rundll32.exe, downloader, error, excel, feedback, firefox, flash player, google chrome, helper, home, hotspot, hotspot shield, install.exe, jdownloader, langs, locker, logfile, maus, microsoft office word, mozilla, msiinstaller, ntdll.dll, nvidia update, office 2007, packard bell, plug-in, popup, problem, realtek, registry, scan, sched.exe, security, software, starten, stick, tastatur, teamspeak, version=1.0, visual studio, webcheck, weißes fenster, youtube downloader |
Baum-Darstellung