| okulossos | 17.03.2011 11:23 |
Nope alles mehr oder minder sauber gelöscht.
Gmer mach ich nachher (Zeitmangel), aber das ist denke ich ok, denn ich mache mir allgemein eher weniger Sorgen. dennoch, hier sind OTL und EXTRAS. ich hoffe ihr nehmt mir nicht übel, dass ich das land entfernt habe, das kann man zwar anhand meiner IP erkennen, aber die hat nicht jeder und naja, meine Paranoia.
also:
OTL Logfile: Code:
OTL logfile created on: 17.03.2011 09:48:00 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Benutzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: | Language: DEA | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 267,32 Gb Free Space | 28,70% Space Free | Partition Type: NTFS
Computer Name: MERCURY-PC | User Name: Benutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.03.17 09:35:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.26 02:57:32 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.03.09 01:47:06 | 005,010,288 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Wacom_Tablet.exe
PRC - [2010.03.09 01:47:06 | 002,046,320 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Wacom_TabletUser.exe
PRC - [2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.16 14:06:56 | 000,129,424 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\inteldh\common\SWUpdateClient.exe
PRC - [2008.07.16 13:44:28 | 001,628,560 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\inteldh\msm\MSM.exe
PRC - [2008.07.16 13:42:46 | 000,051,088 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\inteldh\common\IntelDHSvcMgr.exe
PRC - [2008.06.23 13:12:52 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\LMS.exe
PRC - [2008.01.21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (SafeList) ==========
MOD - [2011.03.17 09:35:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
MOD - [2011.01.13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010.05.04 20:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2008.01.21 03:25:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.03.09 01:47:06 | 005,010,288 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV - [2010.01.14 22:54:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.12.22 11:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008.07.16 13:44:28 | 001,628,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\inteldh\msm\MSM.exe -- (ME Services Manager)
SRV - [2008.07.16 13:42:46 | 000,051,088 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\inteldh\common\IntelDHSvcMgr.exe -- (Software Services Manager)
SRV - [2008.06.23 13:12:52 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.01.13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.08.26 04:36:28 | 006,380,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.08.26 04:36:28 | 006,380,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.08.26 02:20:36 | 000,221,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.06.07 10:44:38 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.06.07 10:44:38 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.01.25 00:32:24 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2010.01.14 19:15:29 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.22 00:29:22 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009.04.11 14:18:01 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008.11.21 02:53:44 | 000,220,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008.03.28 13:42:12 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2007.07.17 10:22:06 | 000,908,832 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2007.02.16 20:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2005.01.31 10:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005.01.31 10:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0
FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9
FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1
FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5
[2010.01.14 19:27:16 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2010.01.14 19:27:16 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM
[2010.01.14 19:27:16 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE
[2010.01.14 19:27:16 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2010.01.14 19:27:16 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG
[2010.01.14 19:27:16 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG
[2010.01.14 19:27:16 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG
O1 HOSTS File: ([2011.03.17 09:41:12 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IntelSWUpdateClient] C:\Program Files\Intel\inteldh\common\SWUpdateClient.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/emsisoft_webscan.cab (Emsisoft Web Malware Scan)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Benutzer\Pictures\Desktop\battle.jpg
O24 - Desktop BackupWallPaper: C:\Users\Benutzer\Pictures\Desktop\battle.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - State: "bootini" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.03.17 09:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.03.17 09:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011.03.17 09:35:49 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Benutzer\Desktop\Erunt-setup.exe
[2011.03.17 09:35:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
[2011.03.17 09:35:49 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\TFC.exe
[2011.03.17 09:08:37 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{ABB62BB9-7619-4FCF-B1F3-52A08EB8C8A7}
[2011.03.16 11:54:50 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{2FD05649-F3E4-4008-912B-9D6176C011F4}
[2011.03.15 23:54:15 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{97E74F65-03D3-49C2-B37F-7396EB75F17B}
[2011.03.15 20:59:27 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Malwarebytes
[2011.03.15 20:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.15 17:39:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.03.15 17:39:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.03.15 17:20:04 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.03.15 17:20:04 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.03.15 17:20:04 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.03.15 17:19:57 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.03.15 17:19:56 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.03.15 17:18:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.15 17:18:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.03.15 11:15:09 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{444FA878-C7DB-40F7-82C2-A6D44C020A25}
[2011.03.14 23:14:34 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{F5E1DFA5-4C6A-46C9-9CF2-C3A484BC9276}
[2011.03.14 18:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011.03.14 11:14:00 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{A63B6DDA-4DA2-4E6D-8C6A-F3BE0613A3A8}
[2011.03.13 22:38:46 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{37785AC6-71AE-49CA-B830-EF66434EBF51}
[2011.03.13 18:49:40 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\f4
[2011.03.13 18:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\f4
[2011.03.13 18:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\f4
[2011.03.13 09:26:12 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{AB69449D-7E1F-437C-BF31-F200B77F1E13}
[2011.03.12 21:25:37 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{9EDC30AB-0A50-4AF9-AB93-115D272D3DAE}
[2011.03.12 09:25:03 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{7AE5B526-3ABF-45F8-B5DC-0D29ADC29DDB}
[2011.03.11 21:24:28 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{F416E896-34AD-44CA-B13E-44C8DA39B7B9}
[2011.03.11 09:24:05 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{EB661E99-1EC8-4545-B3E9-2925A4A9DB36}
[2011.03.10 15:59:39 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{6B7D8A7C-357F-41F5-9BCE-F8A09C796580}
[2011.03.10 01:21:46 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{BB58DF50-D376-4F8F-889D-CFF8C744720C}
[2011.03.09 11:21:38 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{95660795-44AE-4851-BFA5-01E44A4E6FD3}
[2011.03.08 21:33:39 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{C87951B0-955B-444F-BC9D-E0EB89D888BA}
[2011.03.08 09:13:26 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{B0FD89B4-71CF-412E-8741-166D5FE767A9}
[2011.03.07 23:26:40 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\{1EB3DB89-FCFB-47F7-9820-A535350B77A0}
[2011.03.07 20:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2011.03.07 20:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2011.03.07 20:10:44 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Assault
[2011.03.07 20:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\Kalypso
[2011.03.04 18:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraDefrag
[2011.03.04 18:01:51 | 000,000,000 | ---D | C] -- C:\Windows\UltraDefrag
[2011.03.02 17:27:58 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\.idlerc
[2011.02.26 21:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\EA
[2011.02.26 21:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.02.22 20:42:21 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Blender Foundation
[2011.02.17 09:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
========== Files - Modified Within 30 Days ==========
[2011.03.17 09:46:04 | 000,638,898 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.17 09:46:04 | 000,604,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.17 09:46:04 | 000,131,000 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.17 09:46:04 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.17 09:45:39 | 000,000,693 | ---- | M] () -- C:\Users\Benutzer\Desktop\NTREGOPT.lnk
[2011.03.17 09:45:39 | 000,000,674 | ---- | M] () -- C:\Users\Benutzer\Desktop\ERUNT.lnk
[2011.03.17 09:41:12 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.03.17 09:41:01 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.17 09:41:01 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.17 09:40:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.17 09:40:54 | 3216,908,288 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.17 09:36:00 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\TFC.exe
[2011.03.17 09:35:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
[2011.03.17 09:35:52 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Benutzer\Desktop\Erunt-setup.exe
[2011.03.17 09:35:50 | 000,296,448 | ---- | M] () -- C:\Users\Benutzer\Desktop\g2m3e4r.exe
[2011.03.16 12:58:50 | 000,742,874 | ---- | M] () -- C:\Users\Benutzer\Desktop\Load.exe
[2011.03.16 11:42:19 | 000,001,192 | ---- | M] () -- C:\Users\Benutzer\Documents\vlc-record-2011-03-16-11h42m17s-Immaterials_ Light painting WiFi.mp4-.mp4
[2011.03.16 09:13:39 | 000,003,204 | ---- | M] () -- C:\Users\Benutzer\cc_20110316_091334.reg
[2011.03.16 00:32:46 | 000,480,216 | ---- | M] () -- C:\Users\Benutzer\Desktop\Quokka.jpg
[2011.03.15 18:59:08 | 000,016,762 | ---- | M] () -- C:\Users\Benutzer\Desktop\20011q1.ods
[2011.03.15 18:26:34 | 000,006,088 | ---- | M] () -- C:\Users\Benutzer\cc_20110315_182631.reg
[2011.03.15 16:54:17 | 000,002,514 | ---- | M] () -- C:\Users\Benutzer\cc_20110315_165414.reg
[2011.03.15 12:43:56 | 000,104,960 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.15 11:39:10 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.03.15 11:39:10 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.03.15 11:38:59 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.03.14 16:28:11 | 000,008,949 | ---- | M] () -- C:\Users\Benutzer\.recently-used.xbel
[2011.03.14 14:42:44 | 000,365,461 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Anleitung.exe
[2011.03.13 12:36:01 | 000,009,241 | ---- | M] () -- C:\Users\Benutzer\Desktop\Anleitung.html
[2011.03.07 20:55:11 | 000,161,986 | ---- | M] () -- C:\Windows\Star Assault Uninstaller.exe
[2011.03.07 20:10:54 | 000,001,868 | ---- | M] () -- C:\Users\Benutzer\Desktop\Star Assault.lnk
[2011.03.05 12:32:18 | 000,001,362 | ---- | M] () -- C:\Users\Benutzer\cc_20110305_123214.reg
[2011.03.04 08:58:49 | 000,003,872 | ---- | M] () -- C:\Windows\System32\Wacom_Tablet.dat
[2011.03.03 21:56:29 | 000,002,014 | ---- | M] () -- C:\Users\Benutzer\cc_20110303_215624.reg
[2011.02.22 20:36:59 | 000,000,841 | ---- | M] () -- C:\Users\Benutzer\Desktop\blender.lnk
[2011.02.22 11:13:42 | 000,014,440 | ---- | M] () -- C:\Users\Benutzer\cc_20110222_111333.reg
[2011.02.15 20:21:02 | 003,222,026 | ---- | M] () -- C:\Users\Benutzer\Documents\Pheno01 001.pdf
========== Files Created - No Company Name ==========
[2011.03.17 09:45:39 | 000,000,693 | ---- | C] () -- C:\Users\Benutzer\Desktop\NTREGOPT.lnk
[2011.03.17 09:45:39 | 000,000,674 | ---- | C] () -- C:\Users\Benutzer\Desktop\ERUNT.lnk
[2011.03.17 09:35:50 | 000,296,448 | ---- | C] () -- C:\Users\Benutzer\Desktop\g2m3e4r.exe
[2011.03.16 12:58:49 | 000,742,874 | ---- | C] () -- C:\Users\Benutzer\Desktop\Load.exe
[2011.03.16 11:42:19 | 000,001,192 | ---- | C] () -- C:\Users\Benutzer\Documents\vlc-record-2011-03-16-11h42m17s-Immaterials_ Light painting WiFi.mp4-.mp4
[2011.03.16 09:13:37 | 000,003,204 | ---- | C] () -- C:\Users\Benutzer\cc_20110316_091334.reg
[2011.03.16 00:33:22 | 000,480,216 | ---- | C] () -- C:\Users\Benutzer\Desktop\Quokka.jpg
[2011.03.15 18:26:33 | 000,006,088 | ---- | C] () -- C:\Users\Benutzer\cc_20110315_182631.reg
[2011.03.15 17:20:04 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.15 17:20:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.15 17:20:04 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.15 17:20:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.15 17:20:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.03.15 16:54:16 | 000,002,514 | ---- | C] () -- C:\Users\Benutzer\cc_20110315_165414.reg
[2011.03.15 11:38:59 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.03.14 18:28:41 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.03.14 16:28:11 | 000,008,949 | ---- | C] () -- C:\Users\Benutzer\.recently-used.xbel
[2011.03.13 12:41:20 | 000,009,241 | ---- | C] () -- C:\Users\Benutzer\Desktop\Anleitung.html
[2011.03.13 12:16:23 | 000,365,461 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Anleitung.exe
[2011.03.10 18:09:45 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.03.07 20:10:53 | 000,001,868 | ---- | C] () -- C:\Users\Benutzer\Desktop\Star Assault.lnk
[2011.03.07 20:10:44 | 000,161,986 | ---- | C] () -- C:\Windows\Star Assault Uninstaller.exe
[2011.03.05 12:32:16 | 000,001,362 | ---- | C] () -- C:\Users\Benutzer\cc_20110305_123214.reg
[2011.03.03 21:56:26 | 000,002,014 | ---- | C] () -- C:\Users\Benutzer\cc_20110303_215624.reg
[2011.02.22 20:36:59 | 000,000,841 | ---- | C] () -- C:\Users\Benutzer\Desktop\blender.lnk
[2011.02.22 11:13:40 | 000,014,440 | ---- | C] () -- C:\Users\Benutzer\cc_20110222_111333.reg
[2011.02.15 20:20:58 | 003,222,026 | ---- | C] () -- C:\Users\Benutzer\Documents\Pheno01 001.pdf
[2011.02.03 16:56:32 | 000,146,190 | ---- | C] () -- C:\Windows\hpoins18.dat.temp
[2011.02.03 16:56:32 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2011.02.03 16:56:05 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011.01.01 11:37:46 | 000,003,872 | ---- | C] () -- C:\Windows\System32\Wacom_Tablet.dat
[2010.12.07 17:09:08 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.11.27 00:22:27 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010.11.27 00:22:27 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2010.11.27 00:22:27 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2010.11.27 00:22:27 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.11.27 00:22:27 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2010.11.07 10:03:35 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL
[2010.11.07 10:03:29 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.10.15 08:22:18 | 000,000,096 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\fusioncache.dat
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.10.13 12:01:12 | 000,022,328 | ---- | C] () -- C:\Users\Benutzer\AppData\Roaming\PnkBstrK.sys
[2010.09.24 08:49:00 | 000,014,848 | ---- | C] () -- C:\Windows\System32\lua5.1a_gui.exe
[2010.09.24 08:49:00 | 000,010,752 | ---- | C] () -- C:\Windows\System32\lua5.1a.exe
[2010.09.24 08:48:58 | 000,092,160 | ---- | C] () -- C:\Windows\System32\lua5.1a.dll
[2010.08.26 02:19:36 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.07.29 08:03:07 | 000,001,148 | ---- | C] () -- C:\Windows\System32\game.ini
[2010.07.24 01:03:37 | 000,000,057 | ---- | C] () -- C:\Windows\sierra.ini
[2010.07.24 00:32:23 | 000,217,088 | ---- | C] () -- C:\Windows\System32\libmySQL.dll
[2010.07.24 00:32:23 | 000,102,400 | ---- | C] () -- C:\Windows\System32\TrackerNET.dll
[2010.07.20 18:08:13 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.07.10 19:28:29 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.07.10 19:28:29 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.06.16 14:22:56 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.06.15 23:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.06.07 10:44:38 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.06.07 10:44:38 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.05.17 21:08:23 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.05.10 21:36:47 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.05.10 21:06:41 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010.03.29 14:50:26 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.03.24 18:59:24 | 000,000,338 | ---- | C] () -- C:\Windows\d3xp.ini
[2010.03.20 18:52:41 | 000,000,331 | ---- | C] () -- C:\Windows\doom3.ini
[2010.03.14 16:23:17 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.03.14 16:23:17 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.03.14 16:23:17 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010.03.09 09:57:10 | 000,000,167 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.02.04 19:58:05 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2010.02.03 01:33:51 | 000,270,336 | ---- | C] () -- C:\Windows\unin0407.exe
[2010.01.16 13:21:33 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010.01.16 13:21:33 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010.01.15 17:48:55 | 000,130,798 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010.01.15 02:50:26 | 000,104,960 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.14 23:01:47 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010.01.14 19:40:45 | 000,000,760 | ---- | C] () -- C:\Windows\AnimatorDV.INI
[2010.01.14 19:31:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.01.14 13:44:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.01.14 12:26:41 | 000,000,680 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\d3d9caps.dat
[2009.04.11 17:54:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.04.11 17:54:14 | 000,638,898 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.04.11 17:54:14 | 000,131,000 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.04.11 17:54:14 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.04.11 14:18:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.04.11 14:18:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.11 14:18:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.02.18 19:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.02.03 22:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2007.08.22 11:21:08 | 000,184,320 | ---- | C] () -- C:\Windows\System32\vgl.dll
[2007.07.17 10:22:02 | 000,009,760 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2007.06.27 16:13:51 | 000,516,096 | ---- | C] () -- C:\Windows\System32\RegisterDialog.dll
[2007.06.08 08:10:38 | 000,319,488 | ---- | C] () -- C:\Windows\System32\LS3Renderer.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 001,602,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,604,566 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,107,898 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.01.31 08:37:58 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
========== LOP Check ==========
[2010.09.23 13:04:24 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\.minecraft
[2010.11.21 00:08:35 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\avidemux
[2011.02.22 20:42:21 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Blender Foundation
[2010.01.14 22:52:29 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\DAEMON Tools Lite
[2011.03.15 17:17:27 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Free Download Manager
[2011.01.23 18:44:22 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FreeBurner
[2010.05.08 23:10:16 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FreeFLVConverter
[2010.01.14 23:42:26 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Greyfirst
[2011.03.12 20:00:39 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\gtk-2.0
[2010.05.18 22:39:32 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Image Zone Express
[2011.01.23 18:52:27 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\InfraRecorder
[2010.01.23 23:11:56 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\IrfanView
[2011.03.16 12:52:16 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\MusicBee
[2011.01.26 12:20:14 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\MySQL
[2010.01.16 09:51:27 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\OpenOffice.org
[2010.05.18 22:39:32 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Printer Info Cache
[2010.10.21 12:09:36 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\smc
[2010.09.07 18:51:00 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.01.22 00:15:10 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\uqm
[2011.01.05 22:19:59 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Windows Live Writer
[2010.03.12 11:43:48 | 000,000,214 | ---- | M] () -- C:\Windows\Tasks\CreateChoiceProcessTask.job
[2011.03.17 09:39:25 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.03.15 17:39:16 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.04.16 18:41:02 | 000,000,000 | ---D | M] -- C:\adobe
[2011.02.03 20:27:40 | 000,000,000 | ---D | M] -- C:\ADVProjects
[2011.02.01 11:42:38 | 000,000,000 | ---D | M] -- C:\AHDProjects
[2010.01.14 13:38:37 | 000,000,000 | ---D | M] -- C:\ATI
[2011.01.10 12:57:00 | 000,000,000 | ---D | M] -- C:\Bibliothek
[2011.03.06 15:30:10 | 000,000,000 | ---D | M] -- C:\Bilder
[2010.01.14 12:10:06 | 000,000,000 | ---D | M] -- C:\Boot
[2011.03.15 17:39:14 | 000,000,000 | ---D | M] -- C:\ComboFix
[2011.03.15 16:52:50 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.01.14 12:25:07 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.03.07 12:15:11 | 000,000,000 | ---D | M] -- C:\Downloads
[2011.03.03 21:49:42 | 000,000,000 | ---D | M] -- C:\games
[2011.02.06 18:16:50 | 000,000,000 | ---D | M] -- C:\gmax
[2010.05.10 21:06:21 | 000,000,000 | ---D | M] -- C:\I-Magic
[2010.01.14 12:38:54 | 000,000,000 | ---D | M] -- C:\Intel
[2010.11.20 16:01:00 | 000,000,000 | ---D | M] -- C:\kram
[2011.03.04 00:59:35 | 000,000,000 | ---D | M] -- C:\meine Filme
[2011.02.14 10:38:16 | 000,000,000 | ---D | M] -- C:\pages
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.03.17 09:45:38 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.03.15 20:59:19 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.01.14 12:25:07 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.01.24 00:55:16 | 000,000,000 | ---D | M] -- C:\Python26
[2011.03.15 17:39:14 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010.10.03 09:42:40 | 000,000,000 | ---D | M] -- C:\Root
[2010.07.24 01:02:51 | 000,000,000 | ---D | M] -- C:\Sierra
[2010.03.11 12:21:46 | 000,000,000 | ---D | M] -- C:\Sonstige Projekte
[2011.03.17 09:49:41 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.11.28 00:34:36 | 000,000,000 | ---D | M] -- C:\Temp
[2010.01.14 13:26:46 | 000,000,000 | ---D | M] -- C:\TempEI4
[2011.03.08 10:03:01 | 000,000,000 | ---D | M] -- C:\Uni
[2010.01.14 12:26:40 | 000,000,000 | R--D | M] -- C:\Users
[2011.03.17 09:39:07 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: EXPLORER.EXE >
[2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 14:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 14:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 14:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-15 06:58:24
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 17.03.2011 09:48:00 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Benutzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: | Language: DEA | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 267,32 Gb Free Space | 28,70% Space Free | Partition Type: NTFS
Computer Name: MERCURY-PC | User Name: Benutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1311790516-237250954-1396119219-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D4F066-2F96-49B8-BD1B-AD477B38B6C9}" = lport=138 | protocol=17 | dir=in | app=system |
"{3C74AE9A-280F-4B02-82AA-A0D27768E4BA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{51F3724F-B006-4F36-ACB9-6B40EB88F9C9}" = rport=139 | protocol=6 | dir=out | app=system |
"{73405F3C-5B18-48F5-B673-9067248D7755}" = lport=137 | protocol=17 | dir=in | app=system |
"{7BD7D5A3-8B2D-4686-B877-48FABF844711}" = lport=445 | protocol=6 | dir=in | app=system |
"{824CD84F-73C4-4C08-BD58-6CF3B759172E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9ABACE36-6610-4B83-9CBE-EE643F1AE605}" = lport=139 | protocol=6 | dir=in | app=system |
"{AC0A73F0-4C10-4A77-AB6C-75F7B695F412}" = rport=138 | protocol=17 | dir=out | app=system |
"{C8E9058F-F518-48B2-A8CB-C054A34BFD2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E14C7D68-2CF1-4431-AC9C-207E69556962}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E9AF4699-73C2-4843-9803-E85F43285A32}" = rport=137 | protocol=17 | dir=out | app=system |
"{FFD5E713-49BD-474D-8028-A970829A1953}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024C0160-C837-4344-8EB8-DF9EF448160E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{03E0F865-1646-4292-A498-98422BCE49AE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{0E9C785E-5BF8-4B36-BDE7-9D7A255C616D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{12E02750-4DAA-464F-9993-477494782D9C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{228DB644-41BE-403D-8305-01887C17A445}" = protocol=6 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
"{2838AC0B-0209-446F-9BE7-91A98F8566A4}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{33CBD062-CFBB-4D05-B2B8-36EE378C352A}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |
"{39F7EB88-7DE3-4097-A941-9737C76B24D0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{48C824A7-AB05-48E6-8CE7-470C3EE6439F}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5853F19B-C346-49F8-B292-788A87B52430}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{720F8412-35EE-478B-AF55-37E15BF79A7D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp.exe |
"{75A64743-7EEE-468D-8CD5-3859D0C2989A}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{77277E88-62B7-4EE6-A0B0-F4721835567A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7B1235AA-55F6-4EB4-A09F-B1592897F83F}" = protocol=6 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{7CEE7290-247B-49DB-A860-B99DAD3A9B2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7F01B39D-22E6-4F2E-88AF-F95AEED5D26F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{820A765C-22E8-4054-B2A0-9346C48EC951}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{8975284E-EA24-4535-BF8D-3181AB9AC982}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8A28947E-BA0F-4003-A557-D739294B1B36}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |
"{95F2ABF8-23CF-4CEF-8430-E529C94259E6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{989F884F-ACB1-4426-8BA9-3D67CC346CDB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9A240917-F1D3-465F-A503-3FE9BCF31D84}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A5F17897-46A1-46A3-A8BB-1040B1F275DB}" = protocol=17 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
"{AF44AA5C-F0F0-4421-9671-058C4A0EDC88}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3C6089B-0138-417A-B403-183EB499A8D0}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe |
"{BAD81DC3-F356-42AE-87C6-4A0867C758BA}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C1DF2D7E-6961-4927-8039-D15143875395}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp.exe |
"{C87DF743-1C0C-4DE6-BD14-ADDC3F0ACD5F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C931F1AE-B487-4A11-B4F4-8B40F672FEB7}" = protocol=6 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
"{D8E0B27E-2D9C-49E1-9A24-C3A83BC1A3BA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DCC62720-1C41-4448-A8E1-0BEE3FF34DF1}" = protocol=17 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
"{DFD3CA83-DF34-4C1A-9A83-8ACCBD030CA0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{EC7D61DD-424C-4367-B341-23CA5887D499}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe |
"TCP Query User{0938D019-7F9A-47F7-9D21-F07A7CDA5BD0}C:\program files\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\program files\eclipse\eclipse.exe |
"TCP Query User{1750BB9A-61DE-4F04-873B-3DDD1BDC5313}C:\games\urbanterror\iourbanterror.exe" = protocol=6 | dir=in | app=c:\games\urbanterror\iourbanterror.exe |
"TCP Query User{1C0B56B8-3B29-4A41-8D0B-26FF676215C1}C:\program files\proun beta\proun.exe" = protocol=6 | dir=in | app=c:\program files\proun beta\proun.exe |
"TCP Query User{24B3AEF4-50DF-485D-9BBC-25A80C45F033}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{4F36C661-26A1-471B-B621-625D91E597D6}C:\program files\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files\free download manager\fdm.exe |
"TCP Query User{51D0AA4F-37CC-4F72-9285-46CA6F16C8C6}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{58301552-6B65-4514-995F-07254DD452B8}C:\program files\free download manager\fdmwi.exe" = protocol=6 | dir=in | app=c:\program files\free download manager\fdmwi.exe |
"TCP Query User{63FCC78B-1CF5-45E5-B8DF-B27DE779943A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{6FAC0BE6-549A-437B-9D49-5D3FFD5476FE}C:\program files\ea games\american mcgee's alice\alice.exe" = protocol=6 | dir=in | app=c:\program files\ea games\american mcgee's alice\alice.exe |
"TCP Query User{727D1F70-918E-4E8C-80C1-7BF3B7870B26}C:\udk\dungeon defense\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\udk\dungeon defense\binaries\win32\udk.exe |
"TCP Query User{8BD40546-2AD4-42D1-AD5B-9E60B189E9DB}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{9F58970A-153E-4896-826C-E3691C073249}C:\dynamix\tribes2\gamedata\tribes2.exe" = protocol=6 | dir=in | app=c:\dynamix\tribes2\gamedata\tribes2.exe |
"TCP Query User{BBF391DB-2DC8-4640-9E67-A3D1B8CCA2CB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C2A5D85A-0F6E-4D98-80E4-D5F17EA912AF}C:\program files\quake iii arena\quake3.exe" = protocol=6 | dir=in | app=c:\program files\quake iii arena\quake3.exe |
"TCP Query User{D138565B-8D38-461F-A244-563DE0D391E2}C:\sierra\half-life\hl.exe" = protocol=6 | dir=in | app=c:\sierra\half-life\hl.exe |
"TCP Query User{D98D600F-7057-4D39-8B49-FC083BB5736C}C:\downloads\jd\eclipse-php-helios-sr1-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\downloads\jd\eclipse-php-helios-sr1-win32\eclipse\eclipse.exe |
"TCP Query User{EF75C27B-77F5-418F-8FA8-FD3103D9CB9E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{FC7D2849-3CB9-4758-81B7-E40FB264DBFC}C:\codemasters\insane\game.exe" = protocol=6 | dir=in | app=c:\codemasters\insane\game.exe |
"UDP Query User{0790E740-1E56-4F31-9F31-C1BAB921FD8B}C:\sierra\half-life\hl.exe" = protocol=17 | dir=in | app=c:\sierra\half-life\hl.exe |
"UDP Query User{2724C868-CF1F-43D4-8327-FEC6F1EC6D20}C:\program files\quake iii arena\quake3.exe" = protocol=17 | dir=in | app=c:\program files\quake iii arena\quake3.exe |
"UDP Query User{2CD72FA5-189E-448E-B342-78925907D868}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{689B0435-878C-42C9-AB64-9B677F59246D}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{70467346-429A-456E-A03B-42CB0F88E38B}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{705D10F2-5CC1-4412-8BE1-F50F10B5D0EF}C:\games\urbanterror\iourbanterror.exe" = protocol=17 | dir=in | app=c:\games\urbanterror\iourbanterror.exe |
"UDP Query User{752C7BC2-DD92-4C68-B954-9C2E8FDE50A1}C:\program files\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files\free download manager\fdm.exe |
"UDP Query User{7E1C134B-4BE2-4BE2-BD83-A525C5CD984E}C:\program files\ea games\american mcgee's alice\alice.exe" = protocol=17 | dir=in | app=c:\program files\ea games\american mcgee's alice\alice.exe |
"UDP Query User{ACE12BC6-11BC-4A8B-BDF2-299ABD3D2EB4}C:\downloads\jd\eclipse-php-helios-sr1-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\downloads\jd\eclipse-php-helios-sr1-win32\eclipse\eclipse.exe |
"UDP Query User{B1069055-BB03-407B-83A9-8B97C1377CF4}C:\dynamix\tribes2\gamedata\tribes2.exe" = protocol=17 | dir=in | app=c:\dynamix\tribes2\gamedata\tribes2.exe |
"UDP Query User{B1776FE5-881F-4000-999F-669AAD92B493}C:\program files\proun beta\proun.exe" = protocol=17 | dir=in | app=c:\program files\proun beta\proun.exe |
"UDP Query User{E0403854-5E72-461D-8AA2-16D30384B6B2}C:\program files\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\program files\eclipse\eclipse.exe |
"UDP Query User{E383FABE-D40E-4F45-8B5B-B8E5247C7B47}C:\udk\dungeon defense\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\udk\dungeon defense\binaries\win32\udk.exe |
"UDP Query User{E47EB45B-AB1F-4A83-B391-01CC46167E42}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{E530F366-9DBC-43CF-93A8-9FD76B4AF54B}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{EA7DB116-7B50-45A5-9BFD-C13905ADAAB0}C:\codemasters\insane\game.exe" = protocol=17 | dir=in | app=c:\codemasters\insane\game.exe |
"UDP Query User{F6AD1086-9732-47CA-BAF5-011F1739D947}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{FE4417F4-A0BD-4D60-A012-5ACDF7371105}C:\program files\free download manager\fdmwi.exe" = protocol=17 | dir=in | app=c:\program files\free download manager\fdmwi.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{EAB6F4ED-B18D-4BF5-B18E-3C7921560EC4}" = Corel Painter Sketch Pad
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{00D6C191-50A2-4D9C-9285-1817D8420FB6}" = IPM
"{0370E621-61D1-4199-82AF-8F21851FD194}" = i_instrumentation 1.0.38.0
"{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}" = DOOM 3: Resurrection of Evil
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D2F6F25-394B-4ACA-BC9C-1394E963C620}" = Intel(R) Remote Wake Technology 1.0.45.9
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1367FA2F-2B3D-430F-872F-588B93420BFC}" = TimeShift
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1D666E21-2924-4B94-9A33-D6136761ACAB}" = Intel(R) Remote Wake Technology 1.0.296.0
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{273799F6-BC76-46F1-95E1-EF05322C3A5F}" = i_msm 1.0.312.0
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{2BE51F94-8ED9-4B31-898C-01BFA71CC1DC}" = i_swupdate 1.0.40.0
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{32A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}" = gmax
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51DC7E02-3EEE-D01E-60D1-103A0DA2C3BF}" = Catalyst Control Center Graphics Previews Common
"{52A7026F-476C-4E3B-A4C7-8FF7DAD65FEB}" = i_redistributables 1.0.45
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56AAE9D5-3D96-8D1D-C4C4-0290B21CE901}" = ccc-core-static
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59ADFE8C-AD8C-2B04-6940-2D417FBAD111}" = CCC Help English
"{5BD093B2-58E6-467D-99E4-E88A5FFC412C}" = Painter Sketch Pad
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6200495A-E409-4D63-B84E-F92D3C5310C1}_is1" = AnimatorHD Home
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{657B7314-CC55-46A3-BB92-1E3315E051B9}" = ME_Kit_Files
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72F6D9F1-98C4-473F-A540-ECDCEB6D3D76}" = Registration
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8DB4B3C5-9308-401B-97E6-ECF0A378703A}" = MusicBee
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F014E72-8456-431B-A985-EBBBFEAE85ED}" = Game Creators Dark GDK
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}" = Dark Messiah
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{AF2E5BA0-759C-926D-6C3F-11A3751C286E}" = Catalyst Control Center Graphics Previews Vista
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C969744F-EB74-5868-719E-D4B1F3D0792F}" = ccc-utility
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE03D1DC-FD8D-2F5C-5FAD-02570BA0383B}" = Catalyst Control Center InstallProxy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4
"{E7562F88-BDCC-44D3-9C6B-313FC43052B7}" = IconHandler 32 bit
"{EAA01BA0-6991-4296-A404-4FFF2DAC2225}" = ParaWorld
"{EAB6F4ED-B18D-4BF5-B18E-3C7921560EC4}" = Corel SketchPad - ICA
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0A4913F-46A5-48F2-BC73-EE41A6C81EB3}" = Microsoft DirectX SDK (August 2007)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F34D6DAE-7777-5C40-E143-8A0D6A048F75}" = ATI Catalyst Install Manager
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB6908C2-2138-4D6E-9CAF-11D7AE6C3909}" = Doom 3
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Android SDK Tools" = Android SDK Tools
"AnimatorDV Simple+ 9.02_is1" = AnimatorDV Simple+ 9.02
"ArgoUML" = ArgoUML 0.30.2
"Audiograbber" = Audiograbber 1.83 SE
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"Celtx (2.7)" = Celtx (2.7)
"CintaNotes_is1" = CintaNotes 1.2
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"DVD Flick_is1" = DVD Flick 1.3.0.7
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"f4" = f4 3.1.0
"FLV Player" = FLV Player 2.0 (build 25)
"Free Download Manager_is1" = Free Download Manager 3.0
"Free Easy Burner_is1" = Free Easy Burner V 4.1
"Free FLV Converter_is1" = Free FLV Converter V 6.7.7
"Half-Life" = Half-Life
"HECI" = Intel(R) Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"InfraRecorder" = InfraRecorder
"InstallShield_{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}" = DOOM 3: Resurrection of Evil
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"MaPZone2.Free" = Allegorithmic MaPZone2.Free
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU
"Octodad" = Octodad
"OpenAL" = OpenAL
"Playlogic_Xyanide_Resurrection" = Xyanide Resurrection
"PROSetDX" = Intel(R) Network Connections 13.5.32.0
"Proun Beta" = Proun Beta
"Quake2MissionPackGroundZeroUninstallKey" = Quake II MP: Ground Zero
"Quake2MissionPackUninstallKey" = Quake II MP: The Reckoning
"Quake2UninstallKey" = Quake II
"Scribus 1.3.3.14" = Scribus 1.3.3.14
"SimCity2000CDv1" = SimCity 2000® CD-Collection
"Star Assault" = Star Assault
"Steam App 10680" = Aliens vs Predator
"Steam App 400" = Portal
"The Ur-Quan Masters" = The Ur-Quan Masters 0.6.2
"TmNationsForever_is1" = TmNationsForever
"UltraDefrag" = Ultra Defragmenter
"Unlocker" = Unlocker 1.8.7
"Urban Terror_is1" = Urban Terror 4.1
"VLC media player" = VLC media player 1.0.3
"Wacom Tablet Driver" = Wacom Tablett
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.1.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8172654c702bc68b" = FLV to AVI Converter
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 07.03.2011 06:35:54 | Computer Name = mercury-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ Media Center Events ]
Error - 14.01.2010 09:08:23 | Computer Name = Benutzer-PC | Source = ehRecvr | ID = 4
Description =
Error - 14.01.2010 09:08:23 | Computer Name = Benutzer-PC | Source = ehRecvr | ID = 4
Description =
Error - 14.01.2010 09:08:34 | Computer Name = Benutzer-PC | Source = ehRecvr | ID = 4
Description =
Error - 14.01.2010 09:08:36 | Computer Name = Benutzer-PC | Source = ehRecvr | ID = 4
Description =
Error - 27.11.2010 19:32:12 | Computer Name = mercury-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Prozess: DefaultDomain Objektname: Media Center Guide
Error - 27.11.2010 19:32:18 | Computer Name = mercury-PC | Source = ehRecvr | ID = 4
Description =
Error - 27.11.2010 19:32:18 | Computer Name = mercury-PC | Source = ehRecvr | ID = 4
Description =
Error - 04.12.2010 15:49:19 | Computer Name = mercury-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 04.12.2010 16:40:16 | Computer Name = mercury-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
[ System Events ]
Error - 15.03.2011 02:53:58 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 15.03.2011 06:45:21 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 15.03.2011 12:23:07 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 15.03.2011 12:30:08 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 15.03.2011 12:35:54 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 15.03.2011 12:59:02 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.03.2011 04:10:05 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 17.03.2011 04:07:49 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 17.03.2011 04:36:32 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 17.03.2011 04:42:28 | Computer Name = mercury-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
--- --- ---
ja, wie gesagt, wenn nötig kümmere ich mich heute am späten nachmittag noch um die Gmer.txt, aber wenn man hierdraus bereits erkennen kann, dass nichts ist, dann erspare ich mir das.
Vielen Dank soweit erstmal, ich bin jetzt mal auf Antworten gespannt.
Oh ach ja, wegen dem Firefox: ich hab ihn nicht installiert, sondern als portable on-off Version, nur falls die Einträge dazu irgendwie komisch aussehen. |
