Trojaner: 100Euro Windows Fake Security Drohung

OTL logfile created on: 2/3/2012 3:27:37 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Pi\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 85.55% Memory free
5.93 Gb Paging File | 5.54 Gb Available in Paging File | 93.50% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 101.99 Gb Free Space | 72.08% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 106.17 Gb Free Space | 75.03% Space Free | Partition Type: NTFS
 
Computer Name: SCHLEPPTOP | User Name: Pi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Pi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\PROGRA~1\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\WinRAR\rarext.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (mcmscsvc) -- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (CVPND) -- D:\tübingen\ZDV\vpn-client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (McODS) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMSVC) -- C:\Windows\System32\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (McProxy) -- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (sptd) -- C:\windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 68.226.206.14:8085
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {5e594888-3e8e-47da-b2c6-b0b545112f84}:1.3.1
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.1.1
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: en-CA@dictionaries.addons.mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20110321
FF - prefs.js..extensions.enabledItems: fr-classique-reforme1990@dictionaries.addons.mozilla.org:4.0.3
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: multipletab@piro.sakura.ne.jp:0.6.2011020301
FF - prefs.js..extensions.enabledItems: {1cff04ef-0c75-4621-ba2a-2efb77346996}:2.3
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/09 22:56:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: D:\Firefox\4.0\components [2012/01/12 18:36:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: D:\Firefox\4.0\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: D:\Firefox\4.0\components [2012/01/12 18:36:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: D:\Firefox\4.0\plugins
 
[2010/08/26 20:57:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pi\AppData\Roaming\mozilla\Extensions
[2010/08/26 20:57:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/01/12 18:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions
[2010/12/19 19:21:58 | 000,000,000 | ---D | M] ("ChromaTabs Plus") -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\{1cff04ef-0c75-4621-ba2a-2efb77346996}
[2011/06/13 08:25:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/08/07 19:40:37 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/12/14 23:26:35 | 000,000,000 | ---D | M] (TabGroups Manager) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\{ca526f8b-9e0a-4756-9077-19d6f3e64ea8}
[2011/10/16 20:36:01 | 000,000,000 | ---D | M] (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\de_DE@dicts.j3e.de
[2011/01/16 10:42:02 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011/10/12 21:53:03 | 000,000,000 | ---D | M] (Canadian English Dictionary) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\en-CA@dictionaries.addons.mozilla.org
[2011/01/16 10:42:01 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2010/10/20 19:34:14 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\en-US@dictionaries.addons.mozilla.org
[2011/03/24 20:35:15 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Pi\AppData\Roaming\mozilla\Firefox\Profiles\5if9yrkr.default\extensions\personas@christopher.beard
() (No name found) -- C:\USERS\PI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5IF9YRKR.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI
() (No name found) -- C:\USERS\PI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5IF9YRKR.DEFAULT\EXTENSIONS\{5E594888-3E8E-47DA-B2C6-B0B545112F84}.XPI
() (No name found) -- C:\USERS\PI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5IF9YRKR.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
() (No name found) -- C:\USERS\PI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5IF9YRKR.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\PI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5IF9YRKR.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\USERS\PI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5IF9YRKR.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
() (No name found) -- C:\USERS\PI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5IF9YRKR.DEFAULT\EXTENSIONS\MULTIPLETAB@PIRO.SAKURA.NE.JP.XPI
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [EA Core] "D:\sims3\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [vasja] C:\Users\Pi\AppData\Local\Temp\0.3384901974608191.exe (Orb Networks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\ICQ\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\ICQ\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7807905D-1564-4ECF-9D02-37F688BD746E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D24FC75C-5E3A-4CD8-BCAC-AF5D2F431E78}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6E2A472-FDB3-4FD2-AF68-F9B10AAEF454}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2a0c47bd-fa22-11df-b8ef-002454245328}\Shell - "" = AutoRun
O33 - MountPoints2\{2a0c47bd-fa22-11df-b8ef-002454245328}\Shell\AutoRun\command - "" = Z:\Autorun.exe
O33 - MountPoints2\{3bf6b2ec-649e-11e0-8a4c-002454245328}\Shell - "" = AutoRun
O33 - MountPoints2\{3bf6b2ec-649e-11e0-8a4c-002454245328}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3bf6b2fb-649e-11e0-8a4c-002454245328}\Shell - "" = AutoRun
O33 - MountPoints2\{3bf6b2fb-649e-11e0-8a4c-002454245328}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/03 15:26:46 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Pi\Desktop\OTL.exe
[2012/01/22 23:13:35 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/01/14 11:51:57 | 000,000,000 | ---D | C] -- C:\Users\Pi\Documents\Youcam
[2012/01/11 07:42:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2012/01/11 07:42:00 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2012/01/11 07:42:00 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2012/01/11 07:41:59 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2012/01/11 07:41:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2012/01/09 05:31:58 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSCOMCT2.OCX
[2012/01/09 05:31:58 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSMAPI32.OCX
[2012/01/09 05:31:57 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSCMCDE.DLL
[2012/01/09 05:31:57 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\VB6DE.DLL
[2012/01/09 05:31:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSCC2DE.DLL
[2012/01/09 05:31:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSMPIDE.DLL
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/03 15:27:26 | 000,794,904 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/02/03 15:27:26 | 000,730,696 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/02/03 15:27:26 | 000,182,706 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/02/03 15:27:26 | 000,147,616 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/02/03 15:25:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pi\Desktop\OTL.exe
[2012/02/03 15:21:58 | 000,025,558 | ---- | M] () -- C:\windows\System32\Config.MPF
[2012/02/03 15:21:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/02/03 15:20:48 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/03 14:37:03 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/03 14:37:03 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\windows\tasks\McQcTask.job
[2012/01/27 00:28:48 | 002,421,994 | ---- | M] () -- C:\Users\Pi\Desktop\IMG_1189.JPG
[2012/01/27 00:28:48 | 002,421,994 | ---- | M] () -- C:\Users\Pi\Desktop\IMG_1189 - Kopie.JPG
[2012/01/26 23:36:09 | 000,662,501 | ---- | M] () -- C:\Users\Pi\Desktop\roflmao.png
[2012/01/22 23:13:35 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/01/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\windows\tasks\McDefragTask.job
 
========== Files Created - No Company Name ==========
 
[2012/01/26 23:35:32 | 000,662,501 | ---- | C] () -- C:\Users\Pi\Desktop\roflmao.png
[2012/01/26 23:33:07 | 002,421,994 | ---- | C] () -- C:\Users\Pi\Desktop\IMG_1189 - Kopie.JPG
[2012/01/26 23:33:00 | 002,421,994 | ---- | C] () -- C:\Users\Pi\Desktop\IMG_1189.JPG
[2012/01/22 22:59:25 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/01/09 05:31:58 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2010/04/17 07:15:31 | 000,007,597 | ---- | C] () -- C:\Users\Pi\AppData\Local\Resmon.ResmonCfg
[2010/03/23 12:26:48 | 000,201,512 | ---- | C] () -- C:\windows\System32\vpnapi.dll
[2009/12/26 10:52:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/08 01:44:05 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2009/11/08 01:29:18 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/09/22 23:05:23 | 000,794,904 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2009/09/22 23:05:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2009/09/22 23:05:23 | 000,182,706 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2009/09/22 23:05:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2009/09/22 06:45:54 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2009/09/22 06:21:26 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 05:33:53 | 000,503,992 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,730,696 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,147,616 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2011/04/11 23:17:15 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\.minecraft
[2010/01/02 19:23:45 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\.purple
[2010/01/02 20:27:04 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\acccore
[2010/05/22 11:09:06 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\Canon
[2010/11/27 13:33:42 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\DAEMON Tools Lite
[2010/11/27 13:01:10 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\DAEMON Tools Pro
[2010/08/07 19:40:36 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\DVDVideoSoftIEHelpers
[2009/12/13 19:17:13 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\Go Go Gourmet
[2010/01/02 14:42:32 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\gtk-2.0
[2010/09/01 10:04:11 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\ICQ
[2011/09/16 23:26:51 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\MSE
[2011/02/19 19:10:15 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\Nvu
[2011/10/12 22:25:02 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\Octoshape
[2010/01/02 13:53:24 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\OpenOffice.org
[2010/05/30 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\SYSTEMAX Software Development
[2010/08/26 20:57:03 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\Thunderbird
[2011/04/21 11:06:57 | 000,000,000 | ---D | M] -- C:\Users\Pi\AppData\Roaming\xm1
[2012/01/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\windows\Tasks\McDefragTask.job
[2012/02/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\windows\Tasks\McQcTask.job
[2011/02/08 18:28:04 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:E1F04E8D

< End of report >
         

OTL Extras logfile created on: 2/3/2012 3:27:37 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Pi\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 85.55% Memory free
5.93 Gb Paging File | 5.54 Gb Available in Paging File | 93.50% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 101.99 Gb Free Space | 72.08% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 106.17 Gb Free Space | 75.03% Space Free | Partition Type: NTFS
 
Computer Name: SCHLEPPTOP | User Name: Pi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\4.0\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\vlc\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "D:\vlc\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115246907}" = Elf Bowling Hawaiian Vacation
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A80F5D5-E45B-4097-8F55-39B5477FA4C9}" = RebirthRO
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FEEA1915-314F-4406-8BCF-B11412BE936F}" = RagnarokOnline
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Canon MP550 series Benutzerregistrierung" = Canon MP550 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"EADM" = EA Download Manager
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"PROHYBRIDR" = 2007 Microsoft Office system
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11/11/2011 5:25:16 AM | Computer Name = Schlepptop | Source = McLogEvent | ID = 5051
Description = Ein Thread in Vorgang C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe brauchte
 länger als 90000 ms, um eine Anfrage auszuführen.    Der Vorgang wird beendet.  Thread-ID:
 3236 (0xca4)    Thread-Adresse: 0x779870B4    Thread-Nachricht:      Build VSCORE.14.0.0.435
 / 5400.1158   Object being scanned = \Device\HarddiskVolume4\EuRO\InstallRagnarok_EU13.exe

 by C:\windows\system32\rundll32.exe   4(0)(0)   4(0)(0)   7200(0)(0)   7595(0)(0)   7005(0)(0)

 7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 11/12/2011 2:47:55 PM | Computer Name = Schlepptop | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 7.0.1.4288 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1428    Startzeit:
 01cc9f85ea7d1c34    Endzeit: 745    Anwendungspfad: D:\Firefox\4.0\firefox.exe    Berichts-ID:
 ce193ce1-0d5e-11e1-9d17-002454245328  
 
Error - 11/14/2011 11:46:58 PM | Computer Name = Schlepptop | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
 Support Center\Drv\drv2x64\KStartMem.exe.Manifest".  Die abhängige Assemblierung 
"Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 11/14/2011 11:47:48 PM | Computer Name = Schlepptop | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 11/14/2011 11:53:00 PM | Computer Name = Schlepptop | Source = McLogEvent | ID = 5051
Description = Ein Thread in Vorgang C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe brauchte
 länger als 90000 ms, um eine Anfrage auszuführen.    Der Vorgang wird beendet.  Thread-ID:
 5252 (0x1484)    Thread-Adresse: 0x779870B4    Thread-Nachricht:      Build VSCORE.14.0.0.435
 / 5400.1158   Object being scanned = \Device\HarddiskVolume4\EuRO\InstallRagnarok_EU13.exe

 by C:\windows\system32\rundll32.exe   4(0)(0)   4(0)(0)   7200(0)(0)   7595(0)(0)   7005(0)(0)

 7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 11/16/2011 7:55:28 PM | Computer Name = Schlepptop | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
 Support Center\Drv\drv2x64\KStartMem.exe.Manifest".  Die abhängige Assemblierung 
"Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 11/16/2011 7:56:22 PM | Computer Name = Schlepptop | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 11/16/2011 8:01:31 PM | Computer Name = Schlepptop | Source = McLogEvent | ID = 5051
Description = Ein Thread in Vorgang C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe brauchte
 länger als 90000 ms, um eine Anfrage auszuführen.    Der Vorgang wird beendet.  Thread-ID:
 4964 (0x1364)    Thread-Adresse: 0x779870B4    Thread-Nachricht:      Build VSCORE.14.0.0.435
 / 5400.1158   Object being scanned = \Device\HarddiskVolume4\EuRO\InstallRagnarok_EU13.exe

 by C:\windows\system32\rundll32.exe   4(0)(0)   4(0)(0)   7200(0)(0)   7595(0)(0)   7005(0)(0)

 7004(0)(0)   5006(0)(0)   5004(0)(0)  
 
Error - 12/15/2011 11:41:48 AM | Computer Name = Schlepptop | Source = VSS | ID = 8194
Description = 
 
Error - 12/15/2011 1:24:34 PM | Computer Name = Schlepptop | Source = McLogEvent | ID = 5051
Description = Ein Thread in Vorgang C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe brauchte
 länger als 90000 ms, um eine Anfrage auszuführen.    Der Vorgang wird beendet.  Thread-ID:
 3164 (0xc5c)    Thread-Adresse: 0x775870B4    Thread-Nachricht:      Build VSCORE.14.0.0.435
 / 5400.1158   Object being scanned = \Device\HarddiskVolume4\EuRO\InstallRagnarok_EU13.exe

 by C:\windows\Explorer.EXE   4(0)(0)   4(0)(0)   7200(0)(0)   7595(0)(0)   7005(0)(0)   7004(0)(0)

 5006(0)(0)   5004(0)(0)  
 
[ OSession Events ]
Error - 7/22/2010 1:33:20 AM | Computer Name = Schlepptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 2/3/2012 10:21:42 AM | Computer Name = Schlepptop | Source = DCOM | ID = 10005
Description = 
 
Error - 2/3/2012 10:21:41 AM | Computer Name = Schlepptop | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 2/3/2012 10:21:41 AM | Computer Name = Schlepptop | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 2/3/2012 10:21:41 AM | Computer Name = Schlepptop | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 2/3/2012 10:21:43 AM | Computer Name = Schlepptop | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 2/3/2012 10:22:01 AM | Computer Name = Schlepptop | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 2/3/2012 10:22:01 AM | Computer Name = Schlepptop | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 2/3/2012 10:22:01 AM | Computer Name = Schlepptop | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 2/3/2012 10:24:02 AM | Computer Name = Schlepptop | Source = DCOM | ID = 10005
Description = 
 
Error - 2/3/2012 10:24:02 AM | Computer Name = Schlepptop | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >