Pests of All Kinds and How to Fight Them: Problem with Mediashifting

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#1

Problem with Mediashifting

Hello! I also have the "Mediashifting" problem. I have already read about the topic here in the forum, but I cannot "reply" in those threads. As far as I have understood so far, I have to post here the text that is shown to me after a scan. What do I have to do then? I ask for your help!

This is the text that is shown to me after I ran a scan with the program "OTL":

1. Extra.Txt

OTL Extras logfile created on: 11.01.2012 22:28:12 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\The Killer Flower\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 46,61% Memory free 6,21 Gb Paging File | 4,69 Gb Available in Paging File | 75,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 138,91 Gb Total Space | 71,47 Gb Free Space | 51,45% Space Free | Partition Type: NTFS Computer Name: LUISAS-PC | User Name: The Killer Flower | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "AntiVirusDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{004840FA-F3ED-482C-B2B4-D56B52889A0E}" = lport=139 | protocol=6 | dir=in | app=system | "{033BEA0D-8058-4141-84B5-1E6178D33901}" = lport=138 | protocol=17 | dir=in | app=system | "{05D773DA-6EC1-41A3-B48B-9D40C56FF2E7}" = lport=2869 | protocol=6 | dir=in | app=system | "{0AA6F1EE-0845-4F75-B15D-F854EF7B1D56}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{195CAE6C-581F-4E8E-932A-57A6F5743C2E}" = rport=138 | protocol=17 | dir=out | app=system | "{3DB9B721-25C8-44B5-AA0E-FED5B1A859C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4FC91C24-A1C7-4281-BC75-3643F392B9EC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5353F40F-ECC5-4234-96E5-F5679051BDDA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{539435D7-583F-42D2-8F07-C70AB9433074}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5E901BB4-CD70-4628-875B-F8F3E2D60B45}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{677465DB-5D1F-4D5B-9538-3A57B78089DE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7E673F70-1508-4DB7-B892-747DA99B19F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{96B30827-09F7-456D-8B8D-B1506A535BF9}" = rport=445 | protocol=6 | dir=out | app=system | "{A0D1A508-6B22-4BF7-91FA-4F9F20C97EA8}" = rport=137 | protocol=17 | dir=out | app=system | "{B2901C74-7BA7-42BC-9B71-0AD5A570D83A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C47E733F-94E4-4599-81A9-C5F6533395D6}" = lport=137 | protocol=17 | dir=in | app=system | "{C73249EF-0FF6-4E42-8AB4-44E24D769D8F}" = lport=445 | protocol=6 | dir=in | app=system | "{CB2466CB-4F33-4834-8D82-479E8AD95DE2}" = rport=139 | protocol=6 | dir=out | app=system | "{E9D42B87-6638-40C1-90BA-3A27F55C95DB}" = rport=10243 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{16B5D002-C457-4B91-B605-D1D04DE788D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{173AA285-9D6D-49A1-8CD5-D060D752BC75}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{239BDB82-FA0B-4AEC-97B7-CB5D67488FB3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{40942E56-AB64-4D98-A3B6-BFD9A5473A3D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{443F9757-E0BB-4A7D-93E0-6E9EDE453460}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4482F132-D8AE-437D-BF83-227E877997BA}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{47DFB931-ADD3-44E9-B922-AFA7C13C2FE3}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{58159901-CEFE-4090-AD4F-EBC2F7F1C9DA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{715BEC0E-65FA-40D5-8C5E-667E7AC6716F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7566EAC5-71B1-4173-ACE6-E06E6B137C6F}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | "{765415F5-56A0-43CA-8473-C411C93329F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{769DA9BE-E2D2-49ED-9CB2-9DED21BDE8AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7E73C5D1-F12E-490B-97B5-920EEA0A8C50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8E9B8802-C293-4FF3-9BF1-1AF7E54671DE}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | "{92888759-1C39-44DF-AC38-0C9634EDEB61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9A87DD0A-F231-469E-B05C-940104C19565}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe | "{A8551170-6798-4287-8063-085B079E1EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe | "{ACC5FA27-0147-457C-8971-9660E72423AF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{BCC9C73E-B1A3-42A8-86EA-70225C796E24}" = protocol=6 | dir=out | app=system | "{C0BF935A-11B3-4856-916A-5FF1FD4D0E95}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C303376B-F082-4A99-87E5-D7E1C6BCF2FB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{CF205E37-6897-48DC-92DF-8E165C1B7AE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D6408DEE-FB3E-40D9-A51C-2CA0FB40D9AE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{DD500732-C6C4-4D6B-9CBD-E4EB45FEA835}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{ECA6682A-3C80-4C79-96C7-608900DC7504}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F17ECFC0-A10B-4D2F-A971-37CED4AA750E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FC00B548-A9FC-443E-82AA-A7867E74B34A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{A129BF5A-1B29-4008-B41F-AB756938D8DA}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{AAFF38A5-C90B-4FC7-A8A4-53A48A323924}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{4F1CB385-BDCB-44AF-AAD1-96C1E30D0555}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{D82F42BF-1F1F-43C5-93D7-991C6C32475A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0 "{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0709B06B-82BC-6073-0E43-DE107DF1389C}" = Catalyst Control Center Localization Spanish "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE "{11D03BF4-A66F-325E-7762-4F64586C673F}" = Catalyst Control Center Graphics Full New "{15EB6A85-A28D-2ED8-C344-DEBC592F2E12}" = Catalyst Control Center Localization German "{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2 "{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual 
C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{28C3CD30-2DF4-FEFA-3F4E-D6C1C3257FCE}" = ccc-core-static "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer "{31bc7344-eae3-4f1a-828a-080ef2dcf4ba}" = Nero 9 Essentials "{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20 "{32C2CBBB-4540-E526-206D-B7BC7932D82F}" = CCC Help Danish "{36EC81EE-8A31-C08E-5C9D-904DFD8CB91F}" = myphotobook.de "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{425819E1-D68E-8CE1-85D5-CDBA64E82DDE}" = CCC Help Japanese "{4392E2AF-1643-29DA-E873-C94D547467D7}" = Catalyst Control Center Localization Swedish "{44FDDB51-0E97-DD4A-9FB2-8D394DBEE47F}" = CCC Help Dutch "{459F8ABE-28DB-4F9E-9F96-3149C332FA83}" = Lernwerkstatt 7 "{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere "{48C86A94-A6C0-D2D0-1649-ECB00D2DF4DE}" = Catalyst Control Center Localization Norwegian "{48CC1AD8-2013-82B3-284F-E0253195664F}" = Catalyst Control Center Localization French "{496C34BF-9DE5-9628-48CC-052DD6A8453E}" = Catalyst Control Center Core Implementation "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A4D109A-D9C4-E460-4F9A-0252F581D600}" = CCC Help Swedish "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding 
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57847CB0-95DA-D785-B170-1F00FC79B860}" = Catalyst Control Center Localization Chinese Traditional "{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail "{5A72A2C4-9D4A-0718-DA28-95B73C2270DA}" = Catalyst Control Center Localization Danish "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires "{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 10.4f, 2010.09.18 "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{682FED0E-738E-0048-F448-B3EE427978CC}" = Catalyst Control Center Localization Japanese "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B00208E-2844-7480-5F50-6515A5907F0B}" = CCC Help Norwegian "{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie "{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires "{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{76E12A66-1AEC-3816-E75A-330998F2D40C}" = CCC Help Korean "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79FBDD2E-DD2B-141A-DCF0-B8C125B5A008}" = Catalyst Control Center Graphics Previews Vista "{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = 
QuickTime "{7C63DFEB-6176-C3F1-AA83-F997E32B44EA}" = Catalyst Control Center Localization Portuguese "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer "{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent "{84557D91-D8C7-D7A4-1393-3AB3A16106C7}" = CCC Help Chinese Traditional "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß "{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7 "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{9266D931-C05C-86F5-B74A-B1A382249916}" = Catalyst Control Center Localization Italian "{94333A1C-DC4A-E70F-FA92-16AB6F2443D6}" = Catalyst Control Center Graphics Full Existing "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{974BBAF1-048D-4230-2254-62FEA00B18E9}" = Skins "{998D91BE-65FE-8B9D-5C6E-1D52401EAAA1}" = CCC Help English "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB377EE-454D-374C-C309-D2DFA9AB535B}" = CCC Help Italian "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = Die Sims™ 2: Glamour-Accessoires "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A4874CD2-6942-E7A7-3690-277B9CB56DF5}" = Catalyst Control Center Graphics 
Light "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch "{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar "{B578DD15-CB17-CBB8-611E-D1AE7D5568AC}" = Catalyst Control Center Graphics Previews Common "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay "{BC5C42B3-CE50-8D5E-A495-6C48C0FF6336}" = CCC Help Portuguese "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BEFFB92B-8238-E6B7-E9D4-494BA407E593}" = Catalyst Control Center Localization Korean "{BFC19AEE-8C4D-65BF-3BAE-729D1252E86C}" = Catalyst Control Center InstallProxy "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3 "{C177F7FD-C061-003B-47F6-41483424517B}" = Catalyst Control Center Localization Chinese Standard "{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio 5 "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D3171626-2269-7CF9-82AC-7BFC534A0E6A}" = ccc-utility "{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3 "{D86C72D4-57DB-D59E-1FE3-9ED8819B28C4}" = Catalyst Control Center Localization Russian "{DAD207CE-44D2-0C73-198B-8DD3B4F27426}" = CCC Help Spanish "{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials "{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten "{E1ED3247-902C-9B94-31AB-81572A6D77AA}" = Catalyst Control Center Localization Dutch "{E374F278-E64E-D574-332F-AE9241580749}" = CCC Help Chinese Standard "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime 
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E60E58A1-6093-3DFC-C382-3702EFB40F0E}" = CCC Help French "{E87A027B-8051-4323-1B8D-34CB90A9EEBE}" = CCC Help German "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EAD1C99F-6325-E477-C94C-58B2DB656959}" = Catalyst Control Center Localization Finnish "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise "{F688B66F-AC95-809B-0056-154AF871D5EF}" = CCC Help Finnish "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife "{FC41BB0E-F005-F0B8-9040-18E935D752E7}" = CCC Help Russian "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "7-Zip" = 7-Zip 9.20 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BlueJ_is1" = BlueJ 2.5.3 "Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility "conduitEngine" = Conduit Engine "Creative OA001" = Integrated Webcam Driver (1.06.03.0309) "de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de "Dell Video Chat" = Dell Video Chat "Dell Webcam Central" = Dell Webcam Central "ElsterFormular 12.4.1.7699p" = ElsterFormular "ElsterFormular 2008 - 2009 2008-2009" = ElsterFormular 2008 - 2009 "GoldWave v5.25" = GoldWave v5.25 "ICQToolbar" = ICQ Toolbar "InstallShield_{459F8ABE-28DB-4F9E-9F96-3149C332FA83}" = Lernwerkstatt 7 "LastFM Motorokr Screensaver" = LastFM Motorokr 
Screensaver "LastFM_is1" = Last.fm 1.5.4.27091 "lgx4.lgx.server" = G DATA Logox4 Speechengine "LuPO_is1" = LuPO 1.0.2.43 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "MinuteMan" = MinuteMan "Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de) "MyFreeCodec" = MyFreeCodec "PDF Editor 3" = PDF Editor 3 "PDF Reader 3" = PDF Reader 3 "RollerCoaster Tycoon Setup" = Roll "Songbird-release-1959" = Songbird 1.9.3 (Build 1959) "TIMELEFT3_is1" = TimeLeft "VLC media player" = VLC media player 1.1.7 "WinGimp-2.0_is1" = GIMP 2.6.5 "WinLiveSuite_Wave3" = Windows Live Essentials "Winload Toolbar" = Winload Toolbar "WinRAR archiver" = WinRAR 4.01 (32-Bit) "Zoo Tycoon 2" = Zoo Tycoon 2 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 30.12.2011 09:10:58 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 3276 Error - 30.12.2011 09:10:59 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 30.12.2011 09:10:59 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 4680 Error - 30.12.2011 09:10:59 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 4680 Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 30.12.2011 
10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5945994 Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5945994 Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5947195 Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5947195 [ Broadcom Wireless LAN Events ] Error - 25.07.2011 05:54:35 | Computer Name = Luisas-PC | Source = WLAN-Tray | ID = 0 Description = 11:54:34, Mon, Jul 25, 11 Error - Unable to gain access to user store Error - 30.12.2011 13:31:28 | Computer Name = Luisas-PC | Source = WLAN-Tray | ID = 0 Description = 18:31:27, Fri, Dec 30, 11 Error - Unable to gain access to user store [ System Events ] Error - 31.12.2011 11:17:10 | Computer Name = Luisas-PC | Source = ACPI | ID = 327693 Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. 
Error - 02.01.2012 09:25:03 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7011 Description = Error - 04.01.2012 07:02:47 | Computer Name = Luisas-PC | Source = bowser | ID = 8003 Description = Error - 05.01.2012 13:35:48 | Computer Name = Luisas-PC | Source = Print | ID = 6161 Description = Das Dokument PDF Editor im Besitz von The Killer Flower konnte nicht auf dem Drucker HP LaserJet 1200 Series PCL 5 gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: NT EMF 1.008. Größe der Spooldatei in Bytes: 6356992. Anzahl der gedruckten Bytes: 0. Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\LUISAS-PC. Vom Druckprozessor zurückgegebener Win32-Fehlercode: 259. Es sind keine Daten mehr verfügbar. Error - 07.01.2012 08:48:32 | Computer Name = Luisas-PC | Source = DCOM | ID = 10005 Description = Error - 07.01.2012 08:48:32 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7009 Description = Error - 07.01.2012 08:48:32 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7000 Description = Error - 11.01.2012 10:20:12 | Computer Name = Luisas-PC | Source = ACPI | ID = 327693 Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. 
Error - 11.01.2012 15:11:52 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7023 Description = Error - 11.01.2012 15:13:25 | Computer Name = Luisas-PC | Source = WMPNetworkSvc | ID = 866293 Description = [ TuneUp Events ] Error - 31.12.2009 08:29:06 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-12-31 13:29:06', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','1188',0) Error - 04.01.2010 15:40:03 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 20:40:03', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','1808',0) Error - 04.01.2010 15:40:29 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 20:40:29', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','3796',0) Error - 04.01.2010 16:09:31 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 21:09:31', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','472',0) Error - 12.01.2010 12:37:22 | Computer Name 
= Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 17:37:22', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','4488',0) Error - 12.01.2010 12:42:58 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 17:42:58', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5332',0) Error - 12.01.2010 14:16:28 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 19:16:28', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5560',0) Error - 13.01.2010 10:10:13 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 15:10:13', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5472',0) Error - 13.01.2010 10:43:01 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 15:43:01', 
'\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5544',0) Error - 13.01.2010 11:08:38 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 16:08:38', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','804',0) < End of report > 2. OTL.Txt OTL logfile created on: 11.01.2012 22:28:12 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\The Killer Flower\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 46,61% Memory free 6,21 Gb Paging File | 4,69 Gb Available in Paging File | 75,52% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 138,91 Gb Total Space | 71,47 Gb Free Space | 51,45% Space Free | Partition Type: NTFS Computer Name: LUISAS-PC | User Name: The Killer Flower | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\The Killer Flower\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\The Killer Flower\Desktop\FSS.exe () PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\WinRAR\WinRAR.exe () PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Last.fm\LastFM.exe (Last.fm) PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2009\DiskDoctor.exe (TuneUp Software GmbH) PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe (IDT, Inc.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe (Andrea Electronics Corporation) PRC - C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) PRC - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) 
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) PRC - C:\Programme\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Users\The Killer Flower\Desktop\FSS.exe () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\WinRAR\WinRAR.exe () MOD - C:\Programme\Last.fm\srv_rtaudioplayback.dll () MOD - C:\Programme\Last.fm\ext_messengernotify.dll () MOD - C:\Programme\Last.fm\ext_skypenotify.dll () MOD - C:\Programme\Last.fm\srv_madtranscode.dll () MOD - C:\Programme\Last.fm\srv_httpinput.dll () MOD - C:\Programme\Last.fm\LastFmFingerprint1.dll () MOD - C:\Programme\Last.fm\breakpad.dll () MOD - C:\Programme\Last.fm\Moose1.dll () MOD - C:\Programme\Last.fm\LastFmTools1.dll () MOD - C:\Programme\Last.fm\libfftw3f-3.dll () MOD - C:\Programme\Last.fm\zlibwapi.dll () MOD - \\?\globalroot\systemroot\system32\mswsock.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Programme\Last.fm\QtNetwork4.dll () MOD - C:\Programme\Last.fm\QtSql4.dll () MOD - C:\Programme\Last.fm\QtGui4.dll () MOD - C:\Programme\Last.fm\QtXml4.dll () MOD - C:\Programme\Last.fm\QtCore4.dll () MOD - C:\Programme\Last.fm\imageformats\qmng4.dll () MOD - C:\Programme\Last.fm\imageformats\qgif4.dll () MOD - C:\Programme\Last.fm\imageformats\qjpeg4.dll () ========== Win32 Services (SafeList) 
========== SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (Creative Labs Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe (IDT, Inc.) SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe (Andrea Electronics Corporation) SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) 
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) SRV - (se27nd5) -- C:\Windows\System32\USBDeviceService.dll (Iomega) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (OA001Vid) -- C:\Windows\System32\drivers\OA001Vid.sys (Creative Technology Ltd.) DRV - (OA001Ufd) -- C:\Windows\System32\drivers\OA001Ufd.sys (Creative Technology Ltd.) DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation) DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.) DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. ) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (irsir) -- C:\Windows\System32\drivers\irsir.sys (Microsoft Corporation) DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.) 
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/ IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.lastfm.de/user/TheKillerFlower?setlang=de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.25 10:01:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.11 15:46:00 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox [2011.06.15 20:32:16 | 000,000,000 | ---D | M] [2011.07.23 14:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Extensions [2011.07.23 14:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com [2012.01.06 12:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Firefox\Profiles\wz0c8lqa.default\extensions [2011.12.23 17:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.12.23 17:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions [2011.12.23 17:13:41 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net () (No name found) -- C:\USERS\THE KILLER 
FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.12.25 10:01:11 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.12.17 02:32:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.04.12 13:46:36 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2011.12.17 02:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.12.17 02:32:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.12.17 02:32:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.12.17 02:32:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.12.17 02:32:55 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) 
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program 
Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34A21CB5-6520-43CF-B31D-CF01BFCBB3E0}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4649D5DD-676D-441E-B909-BDD5D590162D}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) 
-C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\The Killer Flower\Pictures\favorites2 (2).jpg O24 - Desktop BackupWallPaper: C:\Users\The Killer Flower\Pictures\favorites2 (2).jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\Shell - "" = AutoRun O33 - MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\Shell\AutoRun\command - "" = F:\launcher.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.11 22:25:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\The Killer Flower\Desktop\OTL.exe [2012.01.11 20:19:22 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [2012.01.11 19:55:39 | 000,000,000 | -HSD | C] -- C:\Users\The Killer Flower\AppData\Local\d2684af2 [2012.01.11 15:45:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.01.10 21:00:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll [2012.01.10 21:00:44 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2012.01.10 21:00:43 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2012.01.10 21:00:16 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2012.01.10 21:00:16 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2012.01.05 11:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.01.02 14:33:46 | 000,000,000 | ---D | C] -- C:\Users\The Killer Flower\ElsterFormular [2012.01.02 14:31:26 | 048,115,352 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Users\The Killer 
Flower\Desktop\ElsterFormular-10.4.0.0.exe [2012.01.02 14:29:40 | 000,000,000 | ---D | C] -- C:\Users\The Killer Flower\AppData\Roaming\elsterformular [2012.01.02 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular [2012.01.02 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular [2012.01.02 14:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular [2011.12.14 22:02:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.12.14 22:02:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.12.14 22:02:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.12.14 22:02:18 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.12.14 22:02:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.12.14 22:02:14 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.12.14 10:11:51 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.12.14 10:11:51 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.12.14 10:11:49 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.12.14 10:11:47 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011.12.14 10:11:45 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2011.12.14 10:11:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll ========== Files - Modified Within 30 Days ========== [2012.01.11 22:25:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\The Killer Flower\Desktop\OTL.exe [2012.01.11 22:20:18 | 001,953,091 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\tdsskiller.zip [2012.01.11 22:18:45 | 000,334,125 | 
---- | M] () -- C:\Users\The Killer Flower\Desktop\FSS.exe [2012.01.11 22:11:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.11 22:11:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.11 22:00:00 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2012.01.11 20:10:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.11 19:58:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.01.10 22:44:54 | 000,644,136 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.01.10 22:44:54 | 000,600,512 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.01.10 22:44:54 | 000,131,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.01.10 22:44:54 | 000,108,394 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.01.09 23:15:06 | 000,055,040 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\Best Of Music.wpl [2012.01.08 18:21:35 | 000,027,930 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Papa Unterhalt Karolina.odt [2012.01.08 17:57:26 | 000,003,441 | ---- | M] () -- C:\Users\The Killer Flower\.recently-used.xbel [2012.01.03 12:07:24 | 000,199,876 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\schaefer.pdf [2012.01.02 14:33:35 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular 2008-2009.lnk [2012.01.02 14:32:42 | 048,115,352 | ---- | M] (Landesfinanzdirektion Thüringen) -- C:\Users\The Killer Flower\Desktop\ElsterFormular-10.4.0.0.exe [2012.01.02 14:28:48 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk [2012.01.01 17:31:55 | 000,022,407 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Morrissey Lieder (nicht in meinem Besitz).odt [2012.01.01 16:46:40 | 000,017,878 | ---- | M] () -- C:\Users\The Killer 
Flower\Documents\Farbvarianten Viva Pinata.odt [2011.12.23 19:51:42 | 000,011,720 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\Morrissey, VAST, Saintface, Die Autos.wpl [2011.12.20 22:39:39 | 000,009,901 | ---- | M] () -- C:\Users\The Killer Flower\Documents\phone songs.odt [2011.12.18 22:53:43 | 000,022,235 | ---- | M] () -- C:\Windows\System32\TUProgSt_20111218-215341.dmp [2011.12.15 09:54:37 | 000,305,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.01.11 22:20:16 | 001,953,091 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\tdsskiller.zip [2012.01.11 22:18:37 | 000,334,125 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\FSS.exe [2012.01.08 18:21:34 | 000,027,930 | ---- | C] () -- C:\Users\The Killer Flower\Documents\Papa Unterhalt Karolina.odt [2012.01.08 17:57:26 | 000,003,441 | ---- | C] () -- C:\Users\The Killer Flower\.recently-used.xbel [2012.01.05 11:50:00 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.01.03 12:07:23 | 000,199,876 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\schaefer.pdf [2012.01.02 14:33:35 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular 2008-2009.lnk [2012.01.02 14:28:48 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk [2011.12.20 22:39:38 | 000,009,901 | ---- | C] () -- C:\Users\The Killer Flower\Documents\phone songs.odt [2011.12.18 22:53:41 | 000,022,235 | ---- | C] () -- C:\Windows\System32\TUProgSt_20111218-215341.dmp [2011.07.09 12:28:10 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe [2011.05.05 23:00:44 | 000,013,573 | ---- | C] () -- C:\Windows\hplj1010.ini [2011.03.19 14:10:53 | 000,002,092 | ---- | C] () -- C:\Users\The Killer Flower\AppData\Roaming\wklnhst.dat [2011.03.03 15:51:46 | 000,049,664 | ---- | C] () -- C:\Users\The Killer Flower\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.11.11 17:39:12 | 
000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe [2010.09.25 16:05:43 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2010.09.22 14:44:56 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe [2010.01.27 19:05:35 | 000,006,367 | ---- | C] () -- C:\Windows\Gwpreset.ini [2009.08.09 14:55:55 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009.06.20 12:59:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.06.20 12:59:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.03.31 13:33:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2009.03.31 13:33:25 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll [2009.03.31 13:33:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2009.03.31 13:33:25 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll [2009.03.25 22:38:47 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2009.03.25 22:38:47 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009.03.25 22:38:47 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2009.03.25 22:38:47 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2009.03.25 22:34:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.03.25 14:47:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.03.25 14:10:50 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll [2009.03.25 14:10:48 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2009.03.25 14:10:47 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE [2009.03.25 14:06:03 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini [2009.03.25 14:06:02 | 
000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll [2009.03.25 14:06:02 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll [2008.01.21 08:15:58 | 000,644,136 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 08:15:58 | 000,131,388 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,305,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,600,512 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,108,394 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2003.08.29 10:22:35 | 000,094,274 | ---- | C] () -- C:\Windows\System32\HPBHEALR.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:BC0B8090 < End of report >
MANY THANKS in advance for your help! |