Log analysis and evaluation: CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft (Windows 7)
21.07.2012, 18:55 | #1 |
CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft
Hello! A while ago I caught the Bundespolizei trojan. Apparently I did not get rid of it completely, because I always get an error message when starting messenger programs. With Yahoo Messenger, for example, it is:

CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft
Die Anwendung oder DLL C:\WINDOWS\system32\wmp.dll ist keine gültige Windows-Datei. Überprüfen Sie dies mit der Installationsdiskette.

The logs from Defogger (I don't know whether I used it correctly, the log is so short), GMER and OTL are attached here. I had to create the GMER logs separately for each drive, because otherwise the following error message appeared:

Windows - Datenverlust beim Schreiben
Es konnten nicht alle Daten für die Datei \$Directory gespeichert werden. Die Daten gingen verloren. Mögliche Ursache könnten Computerhardware oder Netzwerkverbindungen sein. Versuchen Sie, die Dateien woanders zu speichern.

I hope someone can make something of the logs and maybe tell me what the reason for the error message above is, thanks!
Edited by Namireon (21.07.2012 at 18:57) Reason: Extras file added as attachment
23.07.2012, 07:42 | #2 | ||
/// Helper team
CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft
Hello and welcome!
Before we start working together, [please read in full]:
Quote:
For Vista and Win7: Important: please run all commands as administrator! Right-click the command prompt and select "Run as administrator". Right-click the selected application and choose "Run as administrator"!
1. The OTL.txt from OTL is still missing, please provide it!
3. To find out whether outdated or malicious software is installed under Programs, I would also like to see all your installed programs:
Quote:
** If possible, do not go online: no online banking, file sharing, chat programs, etc.
Regards, kira
24.07.2012, 15:52 | #3 |
CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft
Thanks already for your detailed answer. Here are the OTL.txt and the install.txt now.
PS: How can I create one of those collapsible spoiler texts? It doesn't work with [spoiler]...
Edited by Namireon (24.07.2012 at 15:53) Reason: spoiler
25.07.2012, 07:27 | #4 | |||
/// Helper team
CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft
System cleaning and check:
1. BSPlayer <- software type -> adware
Quote:
does not belong on a clean system!: under Control Panel -> Software/Programs
Code:
DAEMON Tools Toolbar
3. Uninstall under Control Panel/Programs: The programs/extensions listed here are considered unnecessary; they are mostly installed along out of lack of knowledge or ignorance, and some of them even belong to the most dangerous kind of adware, or to a "foistware group". They are part of the default installation of many freeware programs and sometimes even of paid programs; the range runs from toolbars and other browser add-ons to system utilities, and often the checkbox is already ticked, so that one has no way of deselecting such additional programs.
Code:
pdfforge Toolbar <- Adware
During installation, always read the license terms, and do not immediately tick every box or leave pre-ticked boxes in place, because by doing so you agree that other "third-party programs", or even adware (advertising pop-ups) from partner programs, sponsors, etc., are installed along with it, since freeware finances itself this way.
Quote:
Quote:
Code:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.mini20.com
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{FAFCFE78-8B55-47A2-BBD9-17D4F6C71AEC}: "URL" = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
[2012.02.29 20:40:49 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.29 20:40:49 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.29 20:40:49 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.29 20:40:49 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.29 20:40:49 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Reg Error: Value error.) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2b4a2566-e8e7-11de-bc32-00241dd0ec8b}\Shell - "" = AutoRun
O33 - MountPoints2\{2b4a2566-e8e7-11de-bc32-00241dd0ec8b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2b4a2566-e8e7-11de-bc32-00241dd0ec8b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{a2fca0d0-4fbe-11df-bca6-00241dd0ec8b}\Shell\AutoRun\command - "" = H:\starter.exe
O33 - MountPoints2\{b0d099e6-e0e6-11de-bc30-00241dd0ec8b}\Shell\AutoRun\command - "" = H:\Menu.exe
[2012.07.20 16:10:16 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.20 15:23:04 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
5. Your Java version is not up to date! Because old security vulnerabilities make Java very susceptible, first uninstall all existing Java versions: → Control Panel → Software → uninstall... → restart the computer → now download the offline version of Java, "Recommended Version Java(TM) 7 Update 5", from Oracle. Make sure to deselect any toolbars offered (remove the tick at the toolbar)!
6. Update Adobe Reader: - Pay attention/read along during installation!: if any software, toolbar, etc. is offered, please deselect it! - (e.g. "McAfee Security Scan Plus") Adobe Reader Or: start Adobe -> go to "Help" -> "Check for updates..."
7. Update: -> Mozilla Firefox: Help -> via the Help menu -> "About Firefox"
8. Tips (regardless of whether you use Internet Explorer or not!) - check from time to time: -> Tips on Internet Explorer -> Change the default search engine of Explorer -> Change or select a search provider in Internet Explorer 7/8 -> How can I clear the cache in Internet Explorer?
9. Clean your system with CCleaner:
10.
11. Viruses can also be carried on USB sticks, self-burned media, external hard drives and other storage media. They must therefore be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). Checking the data stored on the storage medium with the help of the free online scanner is very well suited and recommended for this. Now connect all external storage media (USB sticks, etc.) to your computer while holding down the Shift key so that the autorun function is not executed. (This is how you prevent the AUTORUN function from running.) - You can also switch the AUTORUN function off entirely. ►Instructions
12. -> Then run a complete system check with the Eset Online Scanner (NOD32) Free online scanners. Attention!: >>You should not install the antivirus security software, only scan your system online<<
13. Another scan with OTL:
► Report again on the state of the computer. Are there still problems, and if so, which ones?
__________________
Warning!: Be careful with invoices by e-mail with a ZIP file attached! They may be infected with an encryption trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, preferably twice in different locations! Please pass this warning on wherever you can!
26.07.2012, 21:37 | #5 |
CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft
I have now followed your steps.
Install.txt Code:
Code:
SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com
Generiert 07/26/2012 bei 02:20 AM
Version der Applikation : 5.5.1012
Version der Kern-Datenbank : 8960
Version der Spur-Datenbank : 6772
Scan Art : kompletter Scann
Totale Scann-Zeit : 01:43:42
Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator
Gescannte Speicherelemente : 762
Erfasste Speicher-Bedrohungen : 0
Gescannte Register-Elemente : 35359
Erfasste Register-Bedrohungen : 0
Gescannte Datei-Elemente : 77041
Erfasste Datei-Elemente : 0

OTL Logfile: Code:
ATTFilter OTL logfile created on: 26.07.2012 21:16:36 - Run 2 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Dokumente und Einstellungen\*****\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,40% Memory free 5,09 Gb Paging File | 3,51 Gb Available in Paging File | 68,91% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 19,53 Gb Total Space | 1,89 Gb Free Space | 9,68% Space Free | Partition Type: NTFS Drive F: | 149,04 Gb Total Space | 0,21 Gb Free Space | 0,14% Space Free | Partition Type: NTFS Drive I: | 1397,26 Gb Total Space | 937,28 Gb Free Space | 67,08% Space Free | Partition Type: NTFS Drive M: | 278,55 Gb Total Space | 2,49 Gb Free Space | 0,89% Space Free | Partition Type: NTFS Computer Name: MIX-COMPUTER | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.26 00:21:27 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2012.07.20 14:06:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*****\Desktop\OTL.exe PRC - [2012.07.17 14:57:12 | 001,754,768 | ---- | M] (Comodo) -- C:\Programme\Comodo\Dragon\dragon.exe PRC - [2012.07.17 14:57:12 | 000,469,136 | ---- | M] () -- C:\Programme\Comodo\Dragon\dragon_updater.exe PRC - [2012.03.11 21:13:22 | 001,983,232 | ---- | M] (COMODO) -- M:\Programme\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2012.01.17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2011.09.29 12:16:26 | 000,101,144 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech Gaming Software\LCore.exe PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe PRC - [2010.11.22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- M:\Programme\Tunngle\TnglCtrl.exe PRC - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe PRC - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2012.07.23 03:10:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll MOD - [2012.07.23 03:10:16 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012.07.23 02:57:59 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.07.23 02:57:38 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.07.23 02:53:06 | 000,771,584 | ---- | M] () -- 
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll MOD - [2012.07.23 02:52:38 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012.07.23 02:49:46 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012.07.23 02:49:41 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012.07.23 02:49:36 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.07.23 02:49:24 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012.07.17 14:57:12 | 001,133,216 | ---- | M] () -- C:\Programme\Comodo\Dragon\avcodec-54.dll MOD - [2012.07.17 14:57:12 | 000,654,992 | ---- | M] () -- C:\Programme\Comodo\Dragon\libGLESv2.dll MOD - [2012.07.17 14:57:12 | 000,469,136 | ---- | M] () -- C:\Programme\Comodo\Dragon\dragon_updater.exe MOD - [2012.07.17 14:57:12 | 000,219,808 | ---- | M] () -- C:\Programme\Comodo\Dragon\avformat-54.dll MOD - [2012.07.17 14:57:12 | 000,140,960 | ---- | M] () -- C:\Programme\Comodo\Dragon\avutil-51.dll MOD - [2012.07.17 14:57:12 | 000,129,168 | ---- | M] () -- C:\Programme\Comodo\Dragon\libEGL.dll MOD - [2012.07.10 14:45:26 | 009,459,912 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2012.03.09 00:32:04 | 000,270,336 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - 
[2011.12.19 18:59:44 | 000,068,424 | ---- | M] () -- M:\Programme\COMODO\COMODO Internet Security\scanners\smart.cav MOD - [2011.11.20 16:19:31 | 000,026,112 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.12.049\PnpGamePanelDevices.dll MOD - [2011.11.20 16:19:30 | 000,070,656 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\SimInput-8.12.068\SimInput.dll MOD - [2011.11.20 16:19:28 | 000,467,456 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\MainUI-8.12.179\MainUI.dll MOD - [2011.11.20 16:19:24 | 000,206,336 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\G19Device-8.12.147\G19Device.dll MOD - [2011.11.20 16:19:23 | 000,189,952 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\G13Device-8.12.155\G13Device.dll MOD - [2011.11.20 16:19:23 | 000,086,016 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevMgr-8.12.077\DevMgr.dll MOD - [2011.11.20 16:19:22 | 000,090,112 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevBusHid-8.12.078\DevBusHid.dll MOD - [2011.11.20 16:19:22 | 000,088,064 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevBusBulk-8.12.076\DevBusBulk.dll MOD - [2010.07.06 16:32:40 | 001,572,855 | ---- | M] () -- M:\Programme\Tunngle\libeay32.dll MOD - [2010.03.16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll MOD - [2009.08.29 17:57:48 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.08.29 17:57:48 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2009.08.29 17:57:47 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.08.29 
17:57:47 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2009.08.29 17:57:46 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- M:\Dragon Age -- (DAUpdaterSvc) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012.07.26 00:21:27 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012.07.26 00:09:59 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.17 14:57:12 | 000,469,136 | ---- | M] () [Auto | Running] -- C:\Programme\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.11 21:13:22 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- M:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2010.11.22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- M:\Programme\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService) SRV - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009.10.02 00:18:30 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) SRV - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.04.06 04:47:17 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2012.03.11 21:13:48 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect) DRV - [2012.03.11 21:13:46 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) 
DRV - [2012.03.11 21:13:46 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.11 21:13:44 | 000,018,056 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2012.03.09 08:22:00 | 007,586,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.12.20 09:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.11.20 16:19:30 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2011.11.20 16:19:30 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2011.11.20 16:19:22 | 000,041,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.10.05 18:11:24 | 006,164,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.10.22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\37346712.sys -- (37346712)
DRV - [2009.10.09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\3734671.sys -- (setup_9.0.0.722_05.04.2012_06-27drv)
DRV - [2009.10.08 16:44:29 | 000,281,504 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.08 16:44:29 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.02 00:18:44 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.09.25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\37346711.sys -- (37346711)
DRV - [2009.09.16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009.08.29 17:40:18 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.07.13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.04.22 14:28:08 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2009.04.22 14:28:06 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009.04.01 13:28:32 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.12.25 11:32:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.10.30 15:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.07.03 11:59:54 | 000,193,696 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008.04.14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005.08.24 15:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: M:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: M:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Programme\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Programme\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.19 17:52:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.26 00:10:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.07.26 00:21:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.19 17:52:47 | 000,000,000 | ---D | M]

[2009.08.29 17:09:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Mozilla\Extensions
[2012.05.02 16:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Mozilla\Firefox\Profiles\cyt36d9u.default\extensions
[2010.07.20 01:07:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Mozilla\Firefox\Profiles\cyt36d9u.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.07.25 23:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.06 21:11:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.26 00:10:00 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2012.02.29 20:40:49 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programme\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: HD View (Enabled) = C:\Programme\Microsoft Research\HD View\nphdview.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: DivX Web Player (Enabled) = M:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: iTunes Application Detector (Enabled) = M:\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Skype Click to Call = C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

O1 HOSTS File: ([2012.01.14 19:32:36 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.0.189 HP001871526960
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [COMODO Internet Security] M:\Programme\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Launch LCore] C:\Programme\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\*****\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\*****\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94812E4A-6500-43D0-9469-EFCC88866307}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94812E4A-6500-43D0-9469-EFCC88866307}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programme\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.29 15:25:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.12.28 16:55:28 | 000,000,000 | -H-- | M] () - I:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.07.26 14:08:46 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.07.26 00:34:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\SUPERAntiSpyware.com
[2012.07.26 00:33:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2012.07.26 00:33:26 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2012.07.26 00:26:57 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\*****\Recent
[2012.07.26 00:21:51 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.07.26 00:21:42 | 000,772,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.07.26 00:21:42 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.07.26 00:21:42 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.07.26 00:21:35 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.26 00:21:35 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.07.26 00:11:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.07.24 16:30:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2012.07.24 16:30:57 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2012.07.24 16:13:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\OpenOffice.org
[2012.07.24 16:11:24 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\OpenOffice.org 3.4
[2012.07.24 16:10:16 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2012.07.23 02:27:11 | 000,018,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012.07.22 17:03:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****\Startmenü\Programme\Bohemia Interactive
[2012.07.21 03:06:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations
[2012.07.20 14:35:37 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*****\Desktop\OTL.exe
[2012.07.18 02:51:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Comodo
[2012.07.15 14:21:56 | 000,000,000 | ---D | C] -- M:\Dokumente und Einstellungen\*****\Eigene Dateien\Command and Conquer Generals Data
[2012.07.10 14:45:26 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

========== Files - Modified Within 30 Days ==========

[2012.07.26 21:21:20 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012.07.26 13:51:35 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1935655697-839522115-1004.job
[2012.07.26 13:51:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 08:45:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2012.07.26 00:33:49 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.07.26 00:21:26 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.07.26 00:21:26 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.07.26 00:21:26 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.07.26 00:21:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.26 00:21:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.07.26 00:21:26 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.07.26 00:19:39 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.07.26 00:13:38 | 000,249,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.25 21:20:39 | 000,000,522 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\Kopie von Operation Pandora Trigger OA.lnk
[2012.07.25 03:30:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1229272821-1935655697-839522115-1004.job
[2012.07.25 01:33:29 | 000,001,852 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Six Updater.lnk
[2012.07.25 01:33:29 | 000,001,852 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Six Launcher.lnk
[2012.07.24 21:30:45 | 000,000,594 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\Operation Pandora Trigger OA.lnk
[2012.07.24 16:30:58 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.07.24 16:11:25 | 000,000,909 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
[2012.07.23 02:56:53 | 000,517,628 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.23 02:56:53 | 000,494,322 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.23 02:56:53 | 000,101,194 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.23 02:56:53 | 000,084,484 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.21 19:54:30 | 000,009,541 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\Logs Laufwerke C F M.7z
[2012.07.20 16:10:10 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.20 16:05:45 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\defogger_reenable
[2012.07.20 15:40:04 | 000,491,287 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\Pokerblaetter.jpg
[2012.07.20 14:37:23 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\Defogger.exe
[2012.07.20 14:34:40 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Desktop\orx57tug.exe
[2012.07.20 14:06:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\*****\Desktop\OTL.exe
[2012.07.20 02:42:41 | 000,000,635 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.18 12:05:43 | 000,000,741 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Comodo Dragon.lnk
[2012.07.16 12:40:02 | 000,000,746 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Grand Theft Auto IV.lnk
[2012.07.13 01:20:27 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.07.10 14:45:26 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.07.10 14:45:26 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.30 11:25:59 | 000,053,248 | ---- | M] () -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.30 02:13:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

========== Files Created - No Company Name ==========

[2012.07.26 00:33:49 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.07.26 00:19:39 | 000,002,299 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.07.26 00:19:39 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.07.24 16:30:58 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.07.24 16:11:25 | 000,000,909 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
[2012.07.21 19:54:30 | 000,009,541 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Desktop\Logs Laufwerke C F M.7z
[2012.07.21 03:06:55 | 000,001,852 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Six Updater.lnk
[2012.07.21 03:06:54 | 000,001,852 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Six Launcher.lnk
[2012.07.20 16:05:31 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\defogger_reenable
[2012.07.20 15:40:11 | 000,491,287 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Desktop\Pokerblaetter.jpg
[2012.07.20 14:37:30 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Desktop\Defogger.exe
[2012.07.20 14:35:37 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Desktop\orx57tug.exe
[2012.07.18 12:05:43 | 000,000,741 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Comodo Dragon.lnk
[2012.05.29 07:36:40 | 000,067,464 | ---- | C] () -- C:\WINDOWS\System32\CLEyeDevices.dll
[2012.05.19 17:27:06 | 000,231,379 | ---- | C] () -- C:\WINDOWS\hpoins47.dat
[2012.05.19 17:27:06 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl47.dat
[2012.04.06 04:58:03 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012.02.15 18:45:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2011.04.05 00:43:39 | 003,664,174 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1229272821-1935655697-839522115-1004-0.dat
[2011.04.05 00:43:38 | 000,254,102 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.01.02 22:26:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010.11.18 22:39:26 | 000,002,644 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\.recently-used.xbel
[2009.10.18 16:48:15 | 000,000,034 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\.gtk-bookmarks
[2009.10.08 22:27:18 | 000,027,963 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\OFMissionEditorConfig.xml
[2009.09.08 00:08:47 | 000,053,248 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.06 22:56:52 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\PnkBstrK.sys
[2009.08.29 15:35:13 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

========== LOP Check ==========

[2009.12.26 14:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Age of Empires 3
[2012.06.01 01:01:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net
[2010.01.06 15:02:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2011.12.16 15:15:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2012.04.06 03:16:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
[2012.04.06 04:48:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CPA_VA
[2009.08.29 17:43:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2011.05.05 22:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core
[2011.05.05 22:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2012.06.15 12:48:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2011.05.05 22:21:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield
[2011.01.02 22:24:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
[2010.04.30 10:45:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.11.04 00:31:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012.07.24 21:33:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\ArmA II Launcher
[2009.08.29 16:56:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Bump Technologies, Inc
[2011.12.16 15:15:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Canneverbe Limited
[2012.04.06 03:19:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\CheckPoint
[2012.02.29 03:42:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\CoreCodec
[2012.07.24 16:34:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\DAEMON Tools Lite
[2012.01.23 17:04:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\DVDVideoSoft
[2010.12.25 23:18:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.10.21 16:17:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\GameRanger
[2009.10.18 16:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\gtk-2.0
[2012.06.20 21:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\ICQ
[2011.01.04 22:40:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Jumblo
[2010.10.20 21:32:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Leadertech
[2012.06.13 19:24:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\LolClient2
[2011.02.08 22:20:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\LucasArts
[2011.02.11 17:55:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Mp3tag
[2011.04.06 16:32:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\OCS
[2012.07.24 16:13:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\OpenOffice.org
[2011.04.06 16:32:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Opera
[2009.09.20 19:52:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Red Alert 3 Demo
[2011.12.28 16:58:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Seagate
[2010.11.18 17:36:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\six-rsync
[2012.07.21 03:08:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\six-updater
[2011.08.06 19:23:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\six-zsync
[2011.12.05 18:16:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\The Creative Assembly
[2011.09.18 22:59:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Tunngle
[2012.07.24 16:34:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\uTorrent

========== Purity Check ==========

< End of report >

Extras.txt
OTL Logfile:
Code:
OTL Extras logfile created on: 26.07.2012 21:16:36 - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Dokumente und Einstellungen\*****\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,40% Memory free
5,09 Gb Paging File | 3,51 Gb Available in Paging File | 68,91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 1,89 Gb Free Space | 9,68% Space Free | Partition Type: NTFS
Drive F: | 149,04 Gb Total Space | 0,21 Gb Free Space | 0,14% Space Free | Partition Type: NTFS
Drive I: | 1397,26 Gb Total Space | 937,28 Gb Free Space | 67,08% Space Free | Partition Type: NTFS
Drive M: | 278,55 Gb Total Space | 2,49 Gb Free Space | 0,89% Space Free | Partition Type: NTFS

Computer Name: MIX-COMPUTER | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"57355:TCP" = 57355:TCP:*:Enabled:Pando Media Booster
"57355:UDP" = 57355:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "57355:TCP" = 57355:TCP:*:Enabled:Pando Media Booster "57355:UDP" = 57355:UDP:*:Enabled:Pando Media Booster ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) 
"C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\HP Software Update\hpwucli.exe" = C:\Programme\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.) "M:\Operation Flashpoint\FlashpointResistance.exe" = M:\Operation Flashpoint\FlashpointResistance.exe:*:Enabled:Operation Flashpoint -- () "C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary "M:\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe" = M:\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Enabled:jk2mp "C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temp\hp_webrelease\setup\HPZnet01.exe" = C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temp\hp_webrelease\setup\HPZnet01.exe:*:Enabled:hpznet01.exe "C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temp\hp_webrelease\setup\hponicifs01.exe" = C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Temp\hp_webrelease\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe "C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe "C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) 
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( ) "M:\Dragon Age - Origins\bin_ship\daorigins.exe" = M:\Dragon Age - Origins\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare) "M:\Dragon Age - Origins\DAOriginsLauncher.exe" = M:\Dragon Age - Origins\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare) "M:\Dragon Age - Origins\bin_ship\daupdatersvc.service.exe" = M:\Dragon Age - Origins\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare) "M:\StarCraft II\Versions\Base15405\SC2.exe" = M:\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "M:\FIFA 11\Game\fifa.exe" = M:\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11 "M:\Programme\Jumblo\Jumblo.exe" = M:\Programme\Jumblo\Jumblo.exe:*:Enabled:Jumblo -- (Jumblo) "M:\Programme\Tunngle\TnglCtrl.exe" = M:\Programme\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service -- (Tunngle.net GmbH) "M:\Programme\Tunngle\Tunngle.exe" = M:\Programme\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client -- (Tunngle.net GmbH) "M:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = M:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" = C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.) 
"M:\Need for Speed - Hot Pursuit\Launcher.exe" = M:\Need for Speed - Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit -- (Electronic Arts) "M:\OpenRA\OpenRA.Game.exe" = M:\OpenRA\OpenRA.Game.exe:*:Enabled:OpenRA -- ( ) "C:\Programme\SIX Projects\Six Updater\tools\bin\rsync.exe" = C:\Programme\SIX Projects\Six Updater\tools\bin\rsync.exe:*:Enabled:rsync -- () "M:\Steam\steam.exe" = M:\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation) "M:\Steam\SteamApps\common\empire total war\Empire.exe" = M:\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War -- (The Creative Assembly Ltd) "M:\Resident Evil 5\RE5DX9.EXE" = M:\Resident Evil 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 "M:\Need for Speed IV - Brennender Asphalt\nfshs.exe" = M:\Need for Speed IV - Brennender Asphalt\nfshs.exe:*:Enabled:Need For Speed - High Stakes -- (Electronic Arts, Inc.) "M:\eMule\emule.exe" = M:\eMule\emule.exe:*:Enabled:eMule "M:\Downloads\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe" = M:\Downloads\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City "M:\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe" = M:\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City -- (Rocksteady Studios Ltd.) "M:\Die Siedler II - Die nächste Generation\bin\S2DNG.exe" = M:\Die Siedler II - Die nächste Generation\bin\S2DNG.exe:*:Enabled:S2DNG "M:\Dawn of War\W40k.exe" = M:\Dawn of War\W40k.exe:*:Enabled:W40K "M:\Steam\SteamApps\the_tacitus\counter-strike source\hl2.exe" = M:\Steam\SteamApps\the_tacitus\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source "M:\ArmA 2\Expansion\beta\arma2oa.exe" = M:\ArmA 2\Expansion\beta\arma2oa.exe:*:Enabled:ArmA 2 OA -- (Bohemia Interactive) "M:\Programme\uTorrent\uTorrent.exe" = M:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) 
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) 
"C:\Programme\HP\HP Software Update\hpwucli.exe" = C:\Programme\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "M:\Steam\SteamApps\common\total war shogun 2\Shogun2.exe" = M:\Steam\SteamApps\common\total war shogun 2\Shogun2.exe:*:Enabled:Total War: SHOGUN 2 -- (The Creative Assembly Ltd) "M:\Steam\SteamApps\common\total war shogun 2\data\encyclopedia\how_to_play.html" = M:\Steam\SteamApps\common\total war shogun 2\data\encyclopedia\how_to_play.html:*:Enabled:Total War: SHOGUN 2 -- () "M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat" = M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat:*:Enabled:Total War: SHOGUN 2 -- () "M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat" = M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat:*:Enabled:Total War: SHOGUN 2 -- () "M:\ArmA 2\arma2.exe" = M:\ArmA 2\arma2.exe:*:Enabled:ArmA 2 -- (Bohemia Interactive) "M:\ArmA 2\arma2OA.exe" = M:\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead -- (Bohemia Interactive) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{014E482A-0C27-47E3-BA82-307E9DCA2F47}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 
7 "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{036138A4-CE69-54B3-EC3A-22EC160303E0}" = CCC Help Czech "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{05D08C4D-58A2-438B-A419-EE994E64E15D}" = B110 "{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow "{0A68C819-3333-E57F-5881-D3FE31C1F2D5}" = CCC Help Turkish "{0AEB967F-1D12-43C8-A59C-D93DA8EE4A4E}" = Duty Calls "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig "{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1 "{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{23481C75-AA13-858C-C707-51D7744F2309}" = CCC Help English "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection "{289338AE-2213-4509-AED2-450414C1260C}_is1" = ICQ Update Patch 1.9 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in 
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK "{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3179E96B-2CCF-A00A-5738-4C14DBA0DACA}" = CCC Help Chinese Traditional "{32477761-57AE-4D26-A493-9AA1658B6615}" = ATI AVIVO Codecs "{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{3BDCECE1-F7F8-81E3-EE26-AF8FD5172A56}" = CCC Help German "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{41B4F085-82E5-C9C2-9AB3-65D67EF60883}" = CCC Help Italian "{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1 "{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU "{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = Hama Black Force Pad "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4 "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59A86970-E9AB-0D1D-A269-2381A89F0CF2}" = Catalyst Control Center InstallProxy "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5DCB68D8-686F-0550-6DD3-957A366F8F99}" = CCC Help Norwegian "{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes 
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6 "{653B7F6E-F594-4B55-61BA-78F8FE6E500A}" = CCC Help Finnish "{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap "{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{69101ED4-FAEB-44EE-1A0E-0602CD6458F3}" = Catalyst Control Center "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69ebe133-29a9-4c62-ae28-1509b988d81e}.sdb" = Mercury "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View "{76B0FAA5-C23B-58E8-EB51-1195A4D6BEB7}" = Catalyst Control Center Localization All "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{821CF756-EDC0-5A8C-6ECA-3F4682DEAFD1}" = CCC Help French "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit 
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{8E4B1BE8-DCF3-4B90-A726-B28107442623}" = SolutionCenter "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8FB7E2C1-13A7-F9A0-277F-8CFB5B198E7E}" = CCC Help Polish "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU) "{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software 8.12 "{950A97A5-F8AF-26C7-8F8B-47F7C1F03363}" = CCC Help Portuguese "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source "{96A092BE-173D-6824-14FD-1C8C0477C1D1}" = CCC Help Greek "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{999EDFF6-2F0E-41EE-8445-DB81404366B3}_is1" = 2027 version 1.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BA4C082-183A-4869-06DB-4F563355D33F}" = CCC Help Spanish "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices 
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A997829F-090A-06FC-ADDA-B907E0D2562E}" = AMD Catalyst Install Manager "{AB4FE709-7AC5-A7FF-A947-A110CEFCB074}" = CCC Help Hungarian "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5 "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100 "{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour "{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player "{B802B2D2-C777-1876-8204-C0F360CBF955}" = CCC Help Dutch "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding "{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}" = Toolbox "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery "{C3A11907-930D-41AC-A135-CC3B12F92011}" = 
Seagate Dashboard "{C6BD88D1-A8D3-B46F-781E-80A6A6927E09}" = CCC Help Chinese Standard "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D3CD290C-C254-F440-962D-F9D0E60DD3F4}" = CCC Help Danish "{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security "{d75b9df1-3507-4b65-9df8-a4a6e70dc800}" = Nero 9 Lite "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA3DB4D7-429D-4292-F855-C47C6EA1AFF8}" = CCC Help Thai "{DE464235-13EC-F0E2-2608-9A8103F52DF8}" = CCC Help Japanese "{E26A5188-EFCA-4C98-B942-C8BBE8F8110C}" = Advanced Combat Radio Environment "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility "{E8D9FAA2-D3DB-7FA3-3FFE-0AC935251F99}" = CCC Help Swedish "{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - 
LIVE Redistributable "{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{F748B53A-A58F-17B4-F380-08EF92B6A6F4}" = CCC Help Korean "{F80BD4BC-06B8-488E-A62E-C4755013DD71}" = Network "{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FA584B62-7ECF-A981-0D1E-A8BE67C604DB}" = Catalyst Control Center Graphics Previews Common "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FBFC6AFA-082C-CBEC-3D28-1EE9CA16D029}" = ccc-utility "{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision "{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF9B0E3E-9D2E-2560-EEA2-BB35A369C491}" = CCC Help Russian "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ArmA 2" = ArmA 2 Uninstall "ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall "Audacity_is1" = Audacity 1.2.6 "AVS Audio Converter 6.1_is1" = AVS Audio Converter version 6.1 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3 "BattlEye" = BattlEye Uninstall "BattlEye for OA" = BattlEye for OA Uninstall "CCleaner" = CCleaner "CL-Eye Driver" = CL-Eye Driver "Comodo Dragon" = Comodo Dragon "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "Deus Ex" = Deus Ex "Diablo III" = Diablo III "EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 4.0 Home Edition "ESET Online Scanner" = ESET Online Scanner v3 "Flashpoint" = Flashpoint uninstall "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.5.3.920 "Free CD to MP3 Converter" = Free CD to MP3 Converter "Free Studio_is1" = Free Studio version 5.0.2 "Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228 "Free YouTube to MP3 
Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228 "Google Chrome" = Google Chrome "HP Document Viewer" = HP Document Viewer 7.0 "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "HPOCR" = OCR Software by I.R.I.S 7.0 "ie8" = Windows Internet Explorer 8 "Jumblo_is1" = Jumblo "KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mp3tag" = Mp3tag v2.48 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Need for Speed High Stakes" = Need for Speed "Need For Speed III" = Need For Speed III "Network Play System" = EA Network Play System "OpenAL" = OpenAL "OpenRA" = OpenRA "OpenVPN" = OpenVPN 2.1_rc20 "PunkBusterSvc" = PunkBuster Services "Red Alert" = Red Alert Windows 95 "RMVB Player_is1" = RMVB Player 1.0.1 "Shop for HP Supplies" = Shop for HP Supplies "Six Updater Suite" = Six Updater Suite "Steam App 34330" = Total War: SHOGUN 2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "The Core Media Player" = The Core Media Player 4.0 "The Rosetta Stone" = The Rosetta Stone "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 
"uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "Warcraft II BNE" = Warcraft II BNE "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "winusb0200" = Microsoft WinUsb 2.0 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XCC Utilities" = XCC Utilities 1.46 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Yahoo! Messenger" = Yahoo! Messenger "ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab Video Converter" = FoxTab Video Converter "GameRanger" = GameRanger "Warcraft III" = Warcraft III "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.06.2012 20:00:00 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 25.06.2012 20:00:12 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. 
Error - 26.06.2012 19:25:15 | Computer Name = MIX-COMPUTER | Source = Microsoft Office 11 | ID = 1000 Description = Error - 29.06.2012 07:24:35 | Computer Name = MIX-COMPUTER | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung sky92.tmp, Version 5.10.0.114, fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x00012333. Error - 30.06.2012 17:37:13 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 30.06.2012 17:37:16 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 04.07.2012 16:56:59 | Computer Name = MIX-COMPUTER | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung rundll32.exe, Version 5.1.2600.5512, fehlgeschlagenes Modul gdiplus.dll, Version 5.2.6002.22509, Fehleradresse 0x0000f47d. Error - 04.07.2012 16:57:11 | Computer Name = MIX-COMPUTER | Source = | ID = 0 Description = Error - 04.07.2012 16:57:11 | Computer Name = MIX-COMPUTER | Source = | ID = 0 Description = Error - 04.07.2012 16:57:22 | Computer Name = MIX-COMPUTER | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes Modul dbghelp.dll, Version 5.1.2600.5512, Fehleradresse 0x0001295d. [ System Events ] Error - 25.07.2012 18:11:41 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Starten Sie den Dienst neu.. 
Error - 25.07.2012 18:11:41 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034 Description = Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 25.07.2012 18:11:41 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034 Description = Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 25.07.2012 18:11:42 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034 Description = Dienst "TunngleService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 25.07.2012 18:11:42 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034 Description = Dienst "Seagate Dashboard Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 25.07.2012 18:11:42 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Starten Sie den Dienst neu.. Error - 25.07.2012 18:14:06 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7000 Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 25.07.2012 18:32:32 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7000 Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 26.07.2012 07:51:57 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7000 Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 26.07.2012 08:14:55 | Computer Name = MIX-COMPUTER | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie chkdsk auf Volume "C:" aus. 
< End of report >
After a PC restart, CHKDSK was run on "C:". So far I have not received any more error messages with ICQ and Yahoo, but when starting MSN Messenger the following message still appears: "msnmsgr.exe - Abbild fehlerhaft - Die Anwendung oder DLL C:\WINDOWS\system32\wmp.dll ist keine gültige Windows-Datei. Überprüfen Sie dies mit der Installationsdiskette." I have lost track of the Trojan scanners a bit, but one of them had found four threats and moved them to quarantine. |
27.07.2012, 09:01 | #6 | ||
/// Helper team | CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft Quote:
Quote:
then: 1. Create a new list:
2. Run another scan with OTL:
► Once you have completed all the steps, report back with the requested results! In the meantime, only get in touch if there are problems!
__________________ --> CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft Edited by kira (27.07.2012 at 09:06) |
31.08.2012, 17:38 | #7 |
| CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft Hi, I have now calmly gone through all the steps again and hope that I really have not overlooked anything this time. Here are my current logs: Code:
ATTFilter 2027 version 1.2 29.09.2011 1.2 7-Zip 4.65 06.09.2009 Adobe Creative Suite 5 Master Collection Adobe Systems Incorporated 5.0 Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 27.08.2012 11.3.300.271 Adobe Flash Player 11 Plugin Adobe Systems Incorporated 27.08.2012 11.3.300.271 Adobe Reader X (10.1.4) - Deutsch Adobe Systems Incorporated 30.08.2012 122,00MB 10.1.4 Advanced Combat Radio Environment International Development & Integration Systems, LLC 27.03.2011 61,17MB 1.2.6 AMD Catalyst Install Manager Advanced Micro Devices, Inc. 20.04.2012 20,25MB 3.0.868.0 AMD Processor Driver AMD 29.08.2009 1.3.2.0053 Apple Application Support Apple Inc. 30.04.2010 41,36MB 1.2.1 Apple Mobile Device Support Apple Inc. 30.04.2010 21,44MB 3.0.1.3 Apple Software Update Apple Inc. 03.11.2009 2,16MB 2.1.1.116 ARMA 2 Operation Arrowhead Uninstall 22.07.2012 ArmA 2 Uninstall 22.07.2012 ATI AVIVO Codecs ATI Technologies Inc. 29.08.2009 2,20MB 10.5.0.40515 Audacity 1.2.6 05.11.2009 AVS Audio Converter version 6.1 Online Media Technologies Ltd. 13.02.2010 AVS Update Manager 1.0 Online Media Technologies Ltd. 13.02.2010 AVS4YOU Software Navigator 1.3 Online Media Technologies Ltd. 13.02.2010 BattlEye for OA Uninstall 30.08.2012 Browser Configuration Utility DeviceVM Inc. 29.08.2009 1.0.4.9 CCleaner Piriform 22.08.2012 3.22 CL-Eye Driver Code Laboratories, Inc. 01.06.2012 5.0.1.0528 Command & Conquer The First Decade Electronic Arts 14.06.2012 1.00.0000 Comodo Dragon COMODO 22.08.2012 21.1.1.0 COMODO Internet Security COMODO Security Solutions Inc. 06.04.2012 135,00MB 5.10.31649.2253 Compatibility Pack for the 2007 Office system Microsoft Corporation 30.08.2012 206,00MB 12.0.6612.1000 Cool Edit Pro 2.0 13.12.2009 Counter-Strike: Source Valve 11.10.2009 3.843,00MB 1.0.0.0 Demo von StarCraft II Blizzard Entertainment 13.08.2012 1.0.0.17759 Deus Ex 30.09.2011 Diablo III Blizzard Entertainment 30.08.2012 1.0.4.11327 DivX Plus Web Player DivX,Inc. 
30.01.2010 2.0.0 Dragon Age: Origins Electronic Arts, Inc. 04.04.2012 1.00 Duty Calls Duty Calls 08.02.2011 542,00MB 1.00.0000 EA Network Play System 18.12.2011 EASEUS Partition Master 4.0 Home Edition EASEUS 29.08.2009 ESET Online Scanner v3 26.07.2012 FoxTab Video Converter Free Audio CD Burner version 1.5.3.920 DVDVideoSoft Ltd. 16.12.2011 Free CD to MP3 Converter 23.11.2010 Free Studio version 5.0.2 DVDVideoSoft Limited. 25.12.2010 Free YouTube Download version 3.0.20.1228 DVDVideoSoft Ltd. 21.01.2012 Free YouTube to MP3 Converter version 3.10.15.1228 DVDVideoSoft Ltd. 23.01.2012 GameRanger GameRanger Technologies 21.10.2010 Google Chrome Google Inc. 30.01.2010 21.0.1180.83 Google Earth Plug-in Google 14.11.2011 40,92MB 6.1.0.5001 Grand Theft Auto IV Rockstar Games 16.07.2012 1.00.0000 Grand Theft Auto: Episodes From Liberty City Rockstar Games 18.04.2010 1.1.0.0 Hama Black Force Pad 2007.01.01 HD View Microsoft Research 17.03.2010 2,58MB 3.3.0 High Definition Audio - KB888111 Microsoft Corporation 20040219.000000 HP Customer Participation Program 14.0 HP 19.05.2012 14.0 HP Document Viewer 7.0 HP 18.10.2009 7.0 HP Imaging Device Functions 14.0 HP 19.05.2012 14.0 HP Photosmart Premier Software 6.5 HP 18.10.2009 6.5 HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 HP 19.05.2012 14.0 HP Photosmart, Officejet and Deskjet 7.0.A HP 18.10.2009 HP Product Detection HP 05.06.2012 1,87MB 11.14.0001 HP Smart Web Printing 4.60 HP 19.05.2012 4.60 HP Solution Center 14.0 HP 19.05.2012 14.0 HP Update Hewlett-Packard 05.06.2012 3,98MB 5.003.001.001 HydraVision ATI Technologies Inc. 29.08.2009 5,14MB 4.0.2.0 ICQ Update Patch 1.9 murb.com 06.04.2011 ICQ6.5 ICQ 05.09.2009 6.5 iTunes Apple Inc. 30.04.2010 159,00MB 9.1.1.12 Java(TM) 7 Update 5 Oracle 26.07.2012 101,00MB 7.0.50 Jumblo Finarea S.A. Switzerland 01.12.2010 4.07 build 617 K-Lite Codec Pack 5.2.0 (Basic) 25.10.2009 5.2.0 Logitech Gaming Software 8.12 Logitech Inc. 
20.11.2011 21,92MB 8.12.030 Malwarebytes Anti-Malware Version 1.62.0.1300 Malwarebytes Corporation 20.07.2012 1.62.0.1300 Mercury Microsoft .NET Framework 2.0 Language Pack - DEU Microsoft Corporation 29.08.2009 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 23.07.2012 185,00MB 2.2.30729 Microsoft .NET Framework 3.0 German Language Pack Microsoft Corporation 29.08.2009 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 23.07.2012 239,00MB 3.2.30729 Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 23.07.2012 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 23.07.2012 4.0.30319 Microsoft .NET Framework 4 Extended Microsoft Corporation 09.04.2012 4.0.30319 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation 29.02.2012 1 Microsoft Games for Windows - LIVE Microsoft Corporation 28.01.2011 6,01MB 3.4.54.0 Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 15.05.2011 32,72MB 3.5.88.0 Microsoft Office Professional Edition 2003 Microsoft Corporation 30.08.2012 653,00MB 11.0.8173.0 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Corporation 29.08.2009 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 05.12.2011 4,64MB 8.0.59193 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 05.12.2011 4,44MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Corporation 24.07.2012 11,10MB 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 18.10.2010 10,29MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 11.10.2009 10,28MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.11.2010 10,19MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 03.07.2011 10,20MB 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 
10.0.40219 Microsoft Corporation 09.04.2012 14,97MB 10.0.40219 Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft 06.11.2010 11,41MB 1.1.4322 Microsoft WinUsb 2.0 Microsoft Corporation 01.06.2012 Microsoft WSE 3.0 Runtime Microsoft Corp. 27.12.2009 0,92MB 3.0.5305.0 Mozilla Firefox 15.0 (x86 de) Mozilla 30.08.2012 15.0 Mozilla Maintenance Service Mozilla 30.08.2012 15.0 Mp3tag v2.48 Florian Heidenreich 11.02.2011 v2.48 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 11.10.2010 1,42MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 11.10.2010 2,77MB 4.20.9876.0 MSXML 6.0 Parser (KB925673) Microsoft Corporation 29.08.2009 1,31MB 6.00.3888.0 MSXML4 Parser Microsoft Game Studios 26.12.2009 1,25MB 1.0.0 Need for Speed 05.05.2011 Need For Speed III 15.05.2011 Need for Speed(TM) Hot Pursuit Electronic Arts 05.05.2011 7.922,00MB 1.0.0.0 Nero 9 Lite Nero AG 16.03.2010 NVIDIA PhysX NVIDIA Corporation 08.10.2009 121,00MB 9.09.0203 OCR Software by I.R.I.S 7.0 HP 18.10.2009 7.0 OpenAL 26.09.2011 OpenOffice.org 3.4 OpenOffice.org 24.07.2012 310,00MB 3.4.9590 OpenRA IJW Software (New Zealand) 16.10.2011 OpenVPN 2.1_rc20 11.01.2010 2.1_rc20 Paint.NET v3.5.6 dotPDN LLC 04.12.2010 14,29MB 3.56.0 Pando Media Booster Pando Networks Inc. 13.06.2012 2.6.0.7 PDFCreator Frank Heindörfer, Philip Chinery 26.02.2010 0.9.9 PunkBuster Services Even Balance, Inc. 06.09.2009 0.986 QuickTime Apple Inc. 30.04.2010 73,79MB 7.66.71.0 REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek 29.08.2009 1.20.0000 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 17.10.2010 5.10.0.6215 Red Alert Windows 95 30.08.2012 RMVB Player 1.0.1 vsevensoft.com 29.02.2012 Seagate Dashboard Memeo Inc. 28.12.2011 1.0.0.809 Shop for HP Supplies HP 19.05.2012 14.0 Six Updater Six Projects 25.07.2012 38,78MB 2.09.7016 Skype Click to Call Skype Technologies S.A. 06.12.2011 14,39MB 5.6.8442 Skype™ 5.10 Skype Technologies S.A. 
08.08.2012 19,32MB 5.10.116 Steam(TM) Valve 11.10.2009 16,58MB 1.0.0.0 SUPERAntiSpyware SUPERAntiSpyware.com 26.07.2012 5.5.1012 System Requirements Lab Husdawg, LLC 26.10.2009 0,40MB 4.1.14.0 TeamSpeak 3 Client TeamSpeak Systems GmbH 22.07.2012 The Core Media Player 4.0 29.02.2012 The Rosetta Stone 20.10.2010 Total War: SHOGUN 2 The Creative Assembly 07.12.2011 Tunngle beta Tunngle.net GmbH 02.01.2011 Uninstall 1.0.0.1 10.05.2011 VLC media player 1.1.4 VideoLAN 24.10.2010 1.1.4 Warcraft II BNE 01.11.2009 Warcraft III 30.08.2012 Winamp Nullsoft, Inc 23.07.2011 5.621 Winamp Erkennungs-Plug-in Nullsoft, Inc 23.07.2011 1.0.0.1 Windows Internet Explorer 8 Microsoft Corporation 09.04.2012 20090308.140743 Windows Live Essentials Microsoft Corporation 27.08.2012 14.0.8117.0416 Windows Live ID Sign-in Assistant Microsoft Corporation 04.01.2011 4,69MB 6.500.3165.0 Windows Live-Uploadtool Microsoft Corporation 03.09.2009 0,22MB 14.0.8014.1029 Windows Media Format 11 runtime 29.02.2012 Windows Media Player 11 29.02.2012 Windows XP Service Pack 3 Microsoft Corporation 29.08.2009 20080414.031514 XCC Utilities 1.46 21.12.2010 Yahoo! Messenger Yahoo! Inc. 30.08.2012 µTorrent 11.05.2012 3.1.3 Code:
M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\Downloads\etypesetup.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined
Code:
OTL Extras logfile created on: 30.08.2012 21:35:28 - Run 4
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Dokumente und Einstellungen\Pascalo\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 77,55% Memory free
5,09 Gb Paging File | 4,34 Gb Available in Paging File | 85,35% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 1,26 Gb Free Space | 6,44% Space Free | Partition Type: NTFS
Drive F: | 149,04 Gb Total Space | 0,20 Gb Free Space | 0,14% Space Free | Partition Type: NTFS
Drive M: | 278,55 Gb Total Space | 2,01 Gb Free Space | 0,72% Space Free | Partition Type: NTFS
Computer Name: MIX-COMPUTER | User Name: Pascalo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "57355:TCP" = 57355:TCP:*:Enabled:Pando Media Booster "57355:UDP" = 57355:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 
445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "57355:TCP" = 57355:TCP:*:Enabled:Pando Media Booster "57355:UDP" = 57355:UDP:*:Enabled:Pando Media Booster ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) 
"C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\HP Software Update\hpwucli.exe" = C:\Programme\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.) 
"M:\Operation Flashpoint\FlashpointResistance.exe" = M:\Operation Flashpoint\FlashpointResistance.exe:*:Enabled:Operation Flashpoint -- () "C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary "M:\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe" = M:\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Enabled:jk2mp "C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Temp\hp_webrelease\setup\HPZnet01.exe" = C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Temp\hp_webrelease\setup\HPZnet01.exe:*:Enabled:hpznet01.exe "C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Temp\hp_webrelease\setup\hponicifs01.exe" = C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Temp\hp_webrelease\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe "C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe "C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) 
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( ) "M:\Dragon Age - Origins\bin_ship\daorigins.exe" = M:\Dragon Age - Origins\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare) "M:\Dragon Age - Origins\DAOriginsLauncher.exe" = M:\Dragon Age - Origins\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare) "M:\Dragon Age - Origins\bin_ship\daupdatersvc.service.exe" = M:\Dragon Age - Origins\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare) "M:\StarCraft II\Versions\Base15405\SC2.exe" = M:\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "M:\FIFA 11\Game\fifa.exe" = M:\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11 "M:\Programme\Jumblo\Jumblo.exe" = M:\Programme\Jumblo\Jumblo.exe:*:Enabled:Jumblo -- (Jumblo) "M:\Programme\Tunngle\TnglCtrl.exe" = M:\Programme\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service -- (Tunngle.net GmbH) "M:\Programme\Tunngle\Tunngle.exe" = M:\Programme\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client -- (Tunngle.net GmbH) "M:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = M:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" = C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.) 
"M:\Need for Speed - Hot Pursuit\Launcher.exe" = M:\Need for Speed - Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit -- (Electronic Arts) "M:\OpenRA\OpenRA.Game.exe" = M:\OpenRA\OpenRA.Game.exe:*:Enabled:OpenRA -- ( ) "C:\Programme\SIX Projects\Six Updater\tools\bin\rsync.exe" = C:\Programme\SIX Projects\Six Updater\tools\bin\rsync.exe:*:Enabled:rsync -- () "M:\Steam\steam.exe" = M:\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation) "M:\Steam\SteamApps\common\empire total war\Empire.exe" = M:\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War -- (The Creative Assembly Ltd) "M:\Resident Evil 5\RE5DX9.EXE" = M:\Resident Evil 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 "M:\Need for Speed IV - Brennender Asphalt\nfshs.exe" = M:\Need for Speed IV - Brennender Asphalt\nfshs.exe:*:Enabled:Need For Speed - High Stakes -- (Electronic Arts, Inc.) "M:\eMule\emule.exe" = M:\eMule\emule.exe:*:Enabled:eMule "M:\Downloads\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe" = M:\Downloads\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City "M:\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe" = M:\Batman.Arkham.City.PC.English.2011\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City -- (Rocksteady Studios Ltd.) "M:\Die Siedler II - Die nächste Generation\bin\S2DNG.exe" = M:\Die Siedler II - Die nächste Generation\bin\S2DNG.exe:*:Enabled:S2DNG "M:\Dawn of War\W40k.exe" = M:\Dawn of War\W40k.exe:*:Enabled:W40K "M:\Steam\SteamApps\the_tacitus\counter-strike source\hl2.exe" = M:\Steam\SteamApps\the_tacitus\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source "M:\ArmA 2\Expansion\beta\arma2oa.exe" = M:\ArmA 2\Expansion\beta\arma2oa.exe:*:Enabled:ArmA 2 OA -- (Bohemia Interactive) "M:\Programme\uTorrent\uTorrent.exe" = M:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) 
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) 
"C:\Programme\HP\HP Software Update\hpwucli.exe" = C:\Programme\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "M:\Steam\SteamApps\common\total war shogun 2\Shogun2.exe" = M:\Steam\SteamApps\common\total war shogun 2\Shogun2.exe:*:Enabled:Total War: SHOGUN 2 -- (The Creative Assembly Ltd) "M:\Steam\SteamApps\common\total war shogun 2\data\encyclopedia\how_to_play.html" = M:\Steam\SteamApps\common\total war shogun 2\data\encyclopedia\how_to_play.html:*:Enabled:Total War: SHOGUN 2 -- () "M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat" = M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat:*:Enabled:Total War: SHOGUN 2 -- () "M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat" = M:\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat:*:Enabled:Total War: SHOGUN 2 -- () "M:\ArmA 2\arma2.exe" = M:\ArmA 2\arma2.exe:*:Enabled:ArmA 2 -- (Bohemia Interactive) "M:\ArmA 2\arma2OA.exe" = M:\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead -- (Bohemia Interactive) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{014E482A-0C27-47E3-BA82-307E9DCA2F47}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 
7 "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{036138A4-CE69-54B3-EC3A-22EC160303E0}" = CCC Help Czech "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{05D08C4D-58A2-438B-A419-EE994E64E15D}" = B110 "{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow "{0A68C819-3333-E57F-5881-D3FE31C1F2D5}" = CCC Help Turkish "{0AEB967F-1D12-43C8-A59C-D93DA8EE4A4E}" = Duty Calls "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig "{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1 "{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{23481C75-AA13-858C-C707-51D7744F2309}" = CCC Help English "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection "{289338AE-2213-4509-AED2-450414C1260C}_is1" = ICQ Update Patch 1.9 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in 
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK "{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3179E96B-2CCF-A00A-5738-4C14DBA0DACA}" = CCC Help Chinese Traditional "{32477761-57AE-4D26-A493-9AA1658B6615}" = ATI AVIVO Codecs "{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{3BDCECE1-F7F8-81E3-EE26-AF8FD5172A56}" = CCC Help German "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{41B4F085-82E5-C9C2-9AB3-65D67EF60883}" = CCC Help Italian "{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1 "{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU "{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = Hama Black Force Pad "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4 "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59A86970-E9AB-0D1D-A269-2381A89F0CF2}" = Catalyst Control Center InstallProxy "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5DCB68D8-686F-0550-6DD3-957A366F8F99}" = CCC Help Norwegian "{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes 
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6 "{653B7F6E-F594-4B55-61BA-78F8FE6E500A}" = CCC Help Finnish "{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap "{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{69101ED4-FAEB-44EE-1A0E-0602CD6458F3}" = Catalyst Control Center "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69ebe133-29a9-4c62-ae28-1509b988d81e}.sdb" = Mercury "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View "{76B0FAA5-C23B-58E8-EB51-1195A4D6BEB7}" = Catalyst Control Center Localization All "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{821CF756-EDC0-5A8C-6ECA-3F4682DEAFD1}" = CCC Help French "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit 
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{8E4B1BE8-DCF3-4B90-A726-B28107442623}" = SolutionCenter "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8FB7E2C1-13A7-F9A0-277F-8CFB5B198E7E}" = CCC Help Polish "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU) "{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software 8.12 "{950A97A5-F8AF-26C7-8F8B-47F7C1F03363}" = CCC Help Portuguese "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source "{96A092BE-173D-6824-14FD-1C8C0477C1D1}" = CCC Help Greek "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{999EDFF6-2F0E-41EE-8445-DB81404366B3}_is1" = 2027 version 1.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BA4C082-183A-4869-06DB-4F563355D33F}" = CCC Help Spanish "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET 
Framework 3.0 Service Pack 2 "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A997829F-090A-06FC-ADDA-B907E0D2562E}" = AMD Catalyst Install Manager "{AB4FE709-7AC5-A7FF-A947-A110CEFCB074}" = CCC Help Hungarian "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5 "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100 "{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour "{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player "{B802B2D2-C777-1876-8204-C0F360CBF955}" = CCC Help Dutch "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding "{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}" = Toolbox "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery "{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard "{C6BD88D1-A8D3-B46F-781E-80A6A6927E09}" = 
CCC Help Chinese Standard "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D3CD290C-C254-F440-962D-F9D0E60DD3F4}" = CCC Help Danish "{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security "{d75b9df1-3507-4b65-9df8-a4a6e70dc800}" = Nero 9 Lite "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA3DB4D7-429D-4292-F855-C47C6EA1AFF8}" = CCC Help Thai "{DE464235-13EC-F0E2-2608-9A8103F52DF8}" = CCC Help Japanese "{E26A5188-EFCA-4C98-B942-C8BBE8F8110C}" = Advanced Combat Radio Environment "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility "{E8D9FAA2-D3DB-7FA3-3FFE-0AC935251F99}" = CCC Help Swedish "{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable 
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{F748B53A-A58F-17B4-F380-08EF92B6A6F4}" = CCC Help Korean "{F80BD4BC-06B8-488E-A62E-C4755013DD71}" = Network "{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FA584B62-7ECF-A981-0D1E-A8BE67C604DB}" = Catalyst Control Center Graphics Previews Common "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FBFC6AFA-082C-CBEC-3D28-1EE9CA16D029}" = ccc-utility "{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision "{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FF9B0E3E-9D2E-2560-EEA2-BB35A369C491}" = CCC Help Russian "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ArmA 2" = ArmA 2 Uninstall "ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall "Audacity_is1" = Audacity 1.2.6 "AVS Audio Converter 6.1_is1" = AVS Audio Converter version 6.1 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3 "BattlEye for OA" = BattlEye for OA Uninstall "CCleaner" = CCleaner "CL-Eye Driver" = CL-Eye Driver "Comodo Dragon" = Comodo Dragon "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "Demo von StarCraft II" = Demo von StarCraft II "Deus Ex" = Deus Ex "Diablo III" = Diablo III "EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 4.0 Home Edition "ESET Online Scanner" = ESET Online Scanner v3 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.5.3.920 "Free CD to MP3 Converter" = Free CD to MP3 Converter "Free Studio_is1" = Free Studio version 5.0.2 "Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 
Converter version 3.10.15.1228 "Google Chrome" = Google Chrome "HP Document Viewer" = HP Document Viewer 7.0 "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "HPOCR" = OCR Software by I.R.I.S 7.0 "ie8" = Windows Internet Explorer 8 "Jumblo_is1" = Jumblo "KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Mp3tag" = Mp3tag v2.48 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Need for Speed High Stakes" = Need for Speed "Need For Speed III" = Need For Speed III "Network Play System" = EA Network Play System "OpenAL" = OpenAL "OpenRA" = OpenRA "OpenVPN" = OpenVPN 2.1_rc20 "PunkBusterSvc" = PunkBuster Services "Red Alert" = Red Alert Windows 95 "RMVB Player_is1" = RMVB Player 1.0.1 "Shop for HP Supplies" = Shop for HP Supplies "Steam App 34330" = Total War: SHOGUN 2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "The Core Media Player" = The Core Media Player 4.0 "The Rosetta Stone" = The Rosetta Stone "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "Warcraft II BNE" = 
Warcraft II BNE
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"winusb0200" = Microsoft WinUsb 2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XCC Utilities" = XCC Utilities 1.46
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab Video Converter" = FoxTab Video Converter
"GameRanger" = GameRanger
"Warcraft III" = Warcraft III
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30.06.2012 17:37:13 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 30.06.2012 17:37:16 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 04.07.2012 16:56:59 | Computer Name = MIX-COMPUTER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung rundll32.exe, Version 5.1.2600.5512, fehlgeschlagenes Modul gdiplus.dll, Version 5.2.6002.22509, Fehleradresse 0x0000f47d.

Error - 04.07.2012 16:57:11 | Computer Name = MIX-COMPUTER | Source = | ID = 0
Description =

Error - 04.07.2012 16:57:11 | Computer Name = MIX-COMPUTER | Source = | ID = 0
Description =

Error - 04.07.2012 16:57:22 | Computer Name = MIX-COMPUTER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes Modul dbghelp.dll, Version 5.1.2600.5512, Fehleradresse 0x0001295d.

Error - 04.07.2012 16:59:14 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 04.07.2012 16:59:26 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Game.exe, Version 1.0.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 04.07.2012 17:05:32 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung rundll32.exe, Version 5.1.2600.5512, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 04.07.2012 17:05:44 | Computer Name = MIX-COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung rundll32.exe, Version 5.1.2600.5512, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

[ System Events ]
Error - 30.08.2012 13:01:21 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7031
Description = Der Dienst "SAS Core Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Starten Sie den Dienst neu..

Error - 30.08.2012 13:01:21 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034
Description = Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 30.08.2012 13:01:22 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 30.08.2012 13:01:23 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034
Description = Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 30.08.2012 13:01:23 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034
Description = Dienst "Seagate Dashboard Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 30.08.2012 13:01:23 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7034
Description = Dienst "TunngleService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 30.08.2012 13:01:23 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Starten Sie den Dienst neu..

Error - 30.08.2012 13:04:06 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 30.08.2012 15:11:48 | Computer Name = MIX-COMPUTER | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007f00c fehlgeschlagen: Sicherheitsupdate für Windows*XP Service Pack*3 (KB973540)

Error - 30.08.2012 15:21:27 | Computer Name = MIX-COMPUTER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

< End of report >

Code:
OTL logfile created on: 31.08.2012 00:55:27 - Run 5
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Dokumente und Einstellungen\Pascalo\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 44,61% Memory free
5,09 Gb Paging File | 2,82 Gb Available in Paging File | 55,34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 1,14 Gb Free Space | 5,85% Space Free | Partition Type: NTFS
Drive F: | 149,04 Gb Total Space | 0,20 Gb Free Space | 0,14% Space Free | Partition Type: NTFS
Drive M: | 278,55 Gb Total Space | 2,01 Gb Free Space | 0,72% Space Free | Partition Type: NTFS

Computer Name: MIX-COMPUTER | User Name: Pascalo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.22 12:16:48 | 001,852,048 | ---- | M] () -- C:\Programme\Comodo\Dragon\dragon_updater.exe
PRC - [2012.08.18 00:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe
PRC - [2012.07.26 00:21:27 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.07.20 14:06:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Pascalo\Desktop\OTL.exe
PRC - [2012.03.11 21:13:22 | 001,983,232 | ---- | M] (COMODO) -- M:\Programme\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.01.17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.09.29 12:16:26 | 000,101,144 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech Gaming Software\LCore.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2010.11.22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- M:\Programme\Tunngle\TnglCtrl.exe
PRC - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012.08.22 12:16:48 | 001,852,048 | ---- | M] () -- C:\Programme\Comodo\Dragon\dragon_updater.exe
MOD - [2012.08.18 00:28:55 | 000,442,392 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll
MOD - [2012.08.18 00:28:54 | 012,236,824 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012.08.18 00:28:52 | 003,997,720 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012.08.18 00:27:36 | 000,526,872 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\libglesv2.dll
MOD - [2012.08.18 00:27:35 | 000,104,984 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\libegl.dll
MOD - [2012.08.18 00:27:23 | 000,144,424 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012.08.18 00:27:22 | 000,266,792 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012.08.18 00:27:21 | 002,480,680 | ---- | M] () -- C:\Programme\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.07.23 03:10:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.07.23 03:10:16 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.07.23 02:57:59 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.07.23 02:57:38 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.07.23 02:53:06 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012.07.23 02:52:38 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012.07.23 02:49:46 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.07.23 02:49:41 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.07.23 02:49:36 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.07.23 02:49:24 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.03.09 00:32:04 | 000,270,336 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011.12.19 18:59:44 | 000,068,424 | ---- | M] () -- M:\Programme\COMODO\COMODO Internet Security\scanners\smart.cav
MOD - [2011.11.20 16:19:31 | 000,026,112 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.12.049\PnpGamePanelDevices.dll
MOD - [2011.11.20 16:19:30 | 000,070,656 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\SimInput-8.12.068\SimInput.dll
MOD - [2011.11.20 16:19:28 | 000,467,456 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\MainUI-8.12.179\MainUI.dll
MOD - [2011.11.20 16:19:24 | 000,206,336 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\G19Device-8.12.147\G19Device.dll
MOD - [2011.11.20 16:19:23 | 000,189,952 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\G13Device-8.12.155\G13Device.dll
MOD - [2011.11.20 16:19:23 | 000,086,016 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevMgr-8.12.077\DevMgr.dll
MOD - [2011.11.20 16:19:22 | 000,090,112 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevBusHid-8.12.078\DevBusHid.dll
MOD - [2011.11.20 16:19:22 | 000,088,064 | ---- | M] () -- C:\Programme\Logitech Gaming Software\plugins\DevBusBulk-8.12.076\DevBusBulk.dll
MOD - [2010.07.06 16:32:40 | 001,572,855 | ---- | M] () -- M:\Programme\Tunngle\libeay32.dll
MOD - [2010.03.16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2009.08.29 17:57:48 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.08.29 17:57:47 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.08.29 17:57:46 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2008.04.14 07:52:18 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- M:\Dragon Age -- (DAUpdaterSvc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.30 19:12:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.22 12:16:48 | 001,852,048 | ---- | M] () [Auto | Running] -- C:\Programme\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012.08.15 18:33:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.26 00:21:27 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.11 21:13:22 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- M:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010.11.22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- M:\Programme\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.10.02 00:18:30 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.04.06 04:47:17 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012.03.11 21:13:48 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012.03.11 21:13:46 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.11 21:13:46 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.11 21:13:44 | 000,018,056 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2012.03.09 08:22:00 | 007,586,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.12.20 09:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.11.20 16:19:30 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2011.11.20 16:19:30 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2011.11.20 16:19:22 | 000,041,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.10.05 18:11:24 | 006,164,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.10.22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\37346712.sys -- (37346712)
DRV - [2009.10.09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\3734671.sys -- (setup_9.0.0.722_05.04.2012_06-27drv)
DRV - [2009.10.08 16:44:29 | 000,281,504 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.08 16:44:29 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.02 00:18:44 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.09.25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\37346711.sys -- (37346711)
DRV - [2009.09.16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009.08.29 17:40:18 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.07.13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.04.22 14:28:08 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2009.04.22 14:28:06 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009.04.01 13:28:32 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.12.25 11:32:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.10.30 15:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.07.03 11:59:54 | 000,193,696 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008.04.14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005.08.24 15:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA CE F8 B6 E8 86 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: M:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: M:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Programme\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Programme\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.19 17:52:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.08.30 19:12:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.08.30 19:15:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.19 17:52:47 | 000,000,000 | ---D | M]

[2009.08.29 17:09:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Mozilla\Extensions
[2012.08.02 23:17:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Mozilla\Firefox\Profiles\cyt36d9u.default\extensions
[2010.07.20 01:07:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Mozilla\Firefox\Profiles\cyt36d9u.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.07.25 23:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.06 21:11:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.30 19:12:55 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2012.02.29 20:40:49 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programme\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: HD View (Enabled) = C:\Programme\Microsoft Research\HD View\nphdview.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: DivX Web Player (Enabled) = M:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: iTunes Application Detector (Enabled) = M:\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Skype Click to Call = C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

O1 HOSTS File: ([2012.01.14 19:32:36 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.0.189 HP001871526960
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [COMODO Internet Security] M:\Programme\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Launch LCore] C:\Programme\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345424320093 (MUWebControl Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94812E4A-6500-43D0-9469-EFCC88866307}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94812E4A-6500-43D0-9469-EFCC88866307}: NameServer = 8.26.56.26,156.154.70.22 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - 
Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programme\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.08.29 15:25:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.08.30 19:18:39 | 000,000,000 | RH-D | C] -- 
C:\Dokumente und Einstellungen\Pascalo\Recent [2012.08.30 19:14:22 | 003,927,560 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Pascalo\Desktop\ccsetup322.exe [2012.08.30 18:57:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Logs [2012.08.27 00:26:43 | 000,000,000 | ---D | C] -- M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\My Received Files [2012.08.13 02:50:32 | 000,000,000 | ---D | C] -- M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\StarCraft II Demo [2012.08.13 02:50:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Demo von StarCraft II [2012.08.03 00:57:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Slender v0.9.5 [2012.08.02 22:46:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Slender v0.9.1 ========== Files - Modified Within 30 Days ========== [2012.08.31 00:50:54 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2012.08.31 00:33:17 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.08.30 21:30:57 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1229272821-1935655697-839522115-1004.job [2012.08.30 21:21:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.08.30 21:20:58 | 000,249,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.08.30 21:12:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2012.08.30 21:12:31 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.08.30 19:14:24 | 003,927,560 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Pascalo\Desktop\ccsetup322.exe [2012.08.30 14:58:57 | 000,356,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Bewerbung von Shurouk.pdf [2012.08.30 13:57:30 | 000,251,921 | ---- | M] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\bewerbungsf_doc_typewriter.pdf [2012.08.30 13:22:28 | 
000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.08.29 23:21:38 | 003,116,822 | ---- | M] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\20120826184500!Louis_XIV_of_France.jpg [2012.08.21 23:59:46 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk [2012.08.20 03:59:44 | 000,057,856 | ---- | M] () -- C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.08.15 18:33:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.08.15 18:33:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.08.15 03:30:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1229272821-1935655697-839522115-1004.job [2012.08.14 03:00:17 | 001,730,137 | ---- | M] () -- M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\www.egyptian-embassy.de_images_stories_visaform.pdf [2012.08.13 03:00:16 | 000,000,566 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Demo von StarCraft II.lnk [2012.08.12 18:11:32 | 000,197,622 | ---- | M] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Bewerbungsfoto 224.bmp [2012.08.12 18:08:12 | 000,197,394 | ---- | M] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Bewerbungsfoto gross.bmp [2012.08.09 14:31:56 | 000,000,741 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Comodo Dragon.lnk [2012.08.08 19:55:06 | 000,001,142 | ---- | M] () -- M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\ArmA2OA.cfg [2012.08.07 15:10:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat ========== Files Created - No Company Name ========== [2012.08.30 21:11:06 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012.08.30 14:58:57 | 000,356,864 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Bewerbung von Shurouk.pdf [2012.08.30 
13:57:28 | 000,251,921 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\bewerbungsf_doc_typewriter.pdf [2012.08.29 23:21:37 | 003,116,822 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\20120826184500!Louis_XIV_of_France.jpg [2012.08.14 03:00:17 | 001,730,137 | ---- | C] () -- M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\www.egyptian-embassy.de_images_stories_visaform.pdf [2012.08.13 02:50:32 | 000,000,566 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Demo von StarCraft II.lnk [2012.08.12 18:11:32 | 000,197,622 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Bewerbungsfoto 224.bmp [2012.08.12 18:07:09 | 000,197,394 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Desktop\Bewerbungsfoto gross.bmp [2012.08.09 14:31:56 | 000,000,741 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Comodo Dragon.lnk [2012.08.08 14:53:22 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.07.20 16:05:31 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\defogger_reenable [2012.05.29 07:36:40 | 000,067,464 | ---- | C] () -- C:\WINDOWS\System32\CLEyeDevices.dll [2012.05.19 17:27:06 | 000,231,379 | ---- | C] () -- C:\WINDOWS\hpoins47.dat [2012.05.19 17:27:06 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl47.dat [2012.04.06 04:58:03 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2012.02.15 18:45:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2011.04.05 00:43:39 | 003,664,174 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1229272821-1935655697-839522115-1004-0.dat [2011.04.05 00:43:38 | 000,254,102 | ---- | C] () -- C:\Dokumente und 
Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2011.01.02 22:26:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat [2010.11.18 22:39:26 | 000,002,644 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\.recently-used.xbel [2009.10.18 16:48:15 | 000,000,034 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\.gtk-bookmarks [2009.10.08 22:27:18 | 000,027,963 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\OFMissionEditorConfig.xml [2009.09.08 00:08:47 | 000,057,856 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.06 22:56:52 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\PnkBstrK.sys [2009.08.29 15:35:13 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== LOP Check ========== [2009.12.26 14:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Age of Empires 3 [2012.06.01 01:01:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net [2010.01.06 15:02:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare [2011.12.16 15:15:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited [2012.04.06 03:16:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint [2012.04.06 04:48:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CPA_VA [2009.08.29 17:43:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite [2011.05.05 22:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core [2011.05.05 22:49:27 | 000,000,000 | ---D | 
M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts [2012.06.15 12:48:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files [2011.05.05 22:21:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield [2011.01.02 22:24:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle [2010.04.30 10:45:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009.11.04 00:31:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2012.07.24 21:33:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\ArmA II Launcher [2009.08.29 16:56:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Bump Technologies, Inc [2011.12.16 15:15:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Canneverbe Limited [2012.04.06 03:19:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\CheckPoint [2012.02.29 03:42:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\CoreCodec [2012.07.24 16:34:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\DAEMON Tools Lite [2012.01.23 17:04:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\DVDVideoSoft [2010.12.25 23:18:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\DVDVideoSoftIEHelpers [2010.10.21 16:17:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\GameRanger [2009.10.18 16:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\gtk-2.0 [2012.06.20 21:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Pascalo\Anwendungsdaten\ICQ [2011.01.04 22:40:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Jumblo [2010.10.20 21:32:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Leadertech [2012.06.13 19:24:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\LolClient2 [2011.02.08 22:20:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\LucasArts [2011.02.11 17:55:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Mp3tag [2011.04.06 16:32:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\OCS [2012.07.24 16:13:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\OpenOffice.org [2011.04.06 16:32:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Opera [2009.09.20 19:52:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Red Alert 3 Demo [2011.12.28 16:58:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Seagate [2010.11.18 17:36:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\six-rsync [2012.07.21 03:08:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\six-updater [2011.08.06 19:23:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\six-zsync [2011.12.05 18:16:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\The Creative Assembly [2011.09.18 22:59:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\Tunngle [2012.07.24 16:34:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\uTorrent ========== Purity Check ========== < End of report > |
01.09.2012, 06:07 | #8 | |
/// Helper Team | CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft 1. SUPERAntiSpyware FREE Edition can be uninstalled 2. Quote:
Code:
:OTL
DRV - [2009.10.22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\37346712.sys -- (37346712)
DRV - [2009.10.09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\3734671.sys -- (setup_9.0.0.722_05.04.2012_06-27drv)
DRV - [2009.09.25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\37346711.sys -- (37346711)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\..\SearchScopes,DefaultScope =
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
:Files
C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\CheckPoint
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
3. Close all programs/windows and clean your system with CCleaner:
4. Preparation
ONLY scan the PC online and do NOT install a second antivirus program!!!
► Report again on the state of the computer: are there still problems, and if so, which ones?
__________________ Warning!: Beware of invoices sent by email with a ZIP file attached! They may be infected with an encryption Trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, preferably twice in different locations! Please pass this warning on wherever you can! |
02.09.2012, 13:14 | #9 |
| CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft
Code:
All processes killed
========== OTL ==========
Error: Unable to stop service 37346712!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\37346712 deleted successfully.
C:\WINDOWS\system32\drivers\37346712.sys moved successfully.
Error: Unable to stop service setup_9.0.0.722_05.04.2012_06-27drv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\setup_9.0.0.722_05.04.2012_06-27drv deleted successfully.
C:\WINDOWS\system32\drivers\3734671.sys moved successfully.
Error: Unable to stop service 37346711!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\37346711 deleted successfully.
C:\WINDOWS\system32\drivers\37346711.sys moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
========== FILES ==========
C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\CheckPoint\ZoneAlarm LTD Toolbar\TrustChecker folder moved successfully.
C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\CheckPoint\ZoneAlarm LTD Toolbar\PTPCACHE folder moved successfully.
C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\CheckPoint\ZoneAlarm LTD Toolbar folder moved successfully.
C:\Dokumente und Einstellungen\Pascalo\Anwendungsdaten\CheckPoint folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\Downloads\cmd.bat deleted successfully.
M:\Dokumente und Einstellungen\Pascalo\Eigene Dateien\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Pascalo
->Temp folder emptied: 2856786 bytes
->Temporary Internet Files folder emptied: 10638337 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 59329118 bytes
->Google Chrome cache emptied: 152728448 bytes
->Flash cache emptied: 1131 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 69518 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 215,00 mb
OTL by OldTimer - Version 3.2.54.0 log created on 09012012_201655
Files\Folders moved on Reboot...
File\Folder C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Temp\SAS23.tmp not found!
PendingFileRenameOperations files...
File C:\Dokumente und Einstellungen\Pascalo\Lokale Einstellungen\Temp\SAS23.tmp not found!
Registry entries deleted on Reboot...
Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=000e14c321a01440ac60341dc7e003fc
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-01 09:16:54
# local_time=2012-09-01 11:16:54 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3073 16777173 80 71 3180 22215848 0 0
# compatibility_mode=8192 67108863 100 0 156 156 0 0
# scanned=65674
# found=0
# cleaned=0
# scan_time=8002
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=000e14c321a01440ac60341dc7e003fc
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-02 03:55:20
# local_time=2012-09-02 05:55:20 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3073 16777173 80 71 3907 22226184 0 0
# compatibility_mode=8192 67108863 100 0 10492 10492 0 0
# scanned=517076
# found=0
# cleaned=0
# scan_time=21572

msnmsgr.exe - Abbild fehlerhaft
Die Anwendung oder DLL C:\WINDOWS\system32\wmp.dll ist keine gültige Windows-Datei. Überprüfen Sie dies mit der Installationsdiskette.

Do you have any idea how this message comes about? |
03.09.2012, 13:36 | #10 |
/// Helper Team | CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft Check your Comodo Antivirus and firewall settings, maybe that is the cause |
06.09.2012, 21:13 | #11 |
| CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft Yes, it seems to be just a harmless thing. Thank you very much for your detailed help and for cleaning the PC! |
07.09.2012, 06:42 | #12 |
/// Helper Team | CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft Is Windows Media Player working well? |
08.09.2012, 10:33 | #13 |
| CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft I haven't used it for quite a while, but somehow it no longer works at all. This message appears: "Windows Media Player ist nicht richtig installiert und muss neu installiert werden. Möchten Sie den Player von der Microsoft_Website installieren?" |
09.09.2012, 06:20 | #14 |
/// Helper Team | CLayoutEngine-Tooltip: YahooMessenger.exe - Abbild fehlerhaft Maybe you could repair your operating system with the help of the Windows CD and try to fix possible errors that way? Before that, though, I would recommend backing up the data that is important to you! |