Trojaner-Board - Offen Generic PUP.i

Log Malwarebytes (Infizierte Datei wurde entfernt)

Code:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org
 

Datenbank Version: 4253
 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385
 

29.06.2010 14:39:05

mbam-log-2010-06-29 (14-39-05).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)

Durchsuchte Objekte: 273252

Laufzeit: 1 Stunde(n), 12 Minute(n), 2 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 1
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{B59BDB21-7B82-47D6-9913-88165B6F06E4}-actualspy.exe (Application.ActualSpy) -> No action taken.

Log OTL

Code:

OTL logfile created on: 29.06.2010 14:57:56 - Run 1

OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Xxy\Downloads

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 286,27 Gb Total Space | 226,50 Gb Free Space | 79,12% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: XXY-PC

Current User Name: Xxy

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Xxy\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)

PRC - C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()

PRC - c:\PROGRA~2\mcafee.com\agent\mcagent.exe (McAfee, Inc.)

PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)

PRC - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

PRC - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)

PRC - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)

PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)

PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)

PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)

PRC - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)

PRC - C:\Windows\PLFSetI.exe ()

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\Xxy\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)

SRV - (Radio.fx) -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()

SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)

SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)

SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)

SRV - (McSysmon) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)

SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()

SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)

SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()

SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)

SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)

SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)

SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)

SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)

SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agr64svc.exe (LSI Corporation)

SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)

DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)

DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)

DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)

DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)

DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)

DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)

DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)

DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)

DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)

DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)

DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)

DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)

DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)

DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()

DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()

DRV - (mwlPSDVDisk) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlPSDVdisk.sys (Egis Technology Inc.)

DRV - (mwlPSDNServ) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlPSDNServ.sys (Egis Technology Inc.)

DRV - (mwlPSDFilter) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlPSDFilter.sys (Egis Technology Inc.)

DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys (Dritek System Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361109i716l0378z165t4791a676

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361109i716l0378z165t4791a676

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361109i716l0378z165t4791a676

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361109i716l0378z165t4791a676

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361109i716l0378z165t4791a676

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361109i716l0378z165t4791a676

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"

FF - prefs.js..browser.startup.homepage: "hxxp://www.schnaeppchenfuchs.com/blog/"

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.06.25 12:06:00 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.06.25 12:06:00 | 000,000,000 | ---D | M]

 

[2009.11.12 22:21:15 | 000,000,000 | ---D | M] -- C:\Users\Xxy\AppData\Roaming\mozilla\Extensions

[2010.06.29 10:10:11 | 000,000,000 | ---D | M] -- C:\Users\Xxy\AppData\Roaming\mozilla\Firefox\Profiles\8jmwrrki.default\extensions

[2010.05.08 19:33:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Xxy\AppData\Roaming\mozilla\Firefox\Profiles\8jmwrrki.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010.05.08 19:33:40 | 000,000,000 | ---D | M] -- C:\Users\Xxy\AppData\Roaming\mozilla\Firefox\Profiles\8jmwrrki.default\extensions\firebug@software.joehewitt.com

[2010.06.28 11:26:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions

[2009.11.03 04:14:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2009.11.03 04:14:39 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2009.11.03 04:14:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2009.11.03 04:14:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2009.11.03 04:14:39 | 000,000,801 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 - HOSTS file present but inaccessible!

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [regapp32] C:\Windows\SysWOW64\regapp32.exe (Microsoft Corporation)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - Startup: C:\Users\Xxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab (Reg Error: Key error.)

O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab (Navigram Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 213.20.173.75 193.189.244.205

O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.06.29 13:20:12 | 000,000,000 | ---D | C] -- C:\Users\Xxy\AppData\Roaming\Malwarebytes

[2010.06.29 13:20:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010.06.29 13:20:01 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010.06.29 13:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010.06.29 13:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010.06.28 21:23:20 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ODKOB32.DLL

[2010.06.28 21:23:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RACREG32.DLL

[2010.06.28 21:23:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haushaltsbuch

[2010.06.28 11:22:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010.06.28 11:21:59 | 000,000,000 | ---D | C] -- C:\Users\Xxy\Documents\Eigene PaperPort-Dokumente

[2010.06.28 11:09:38 | 000,000,000 | ---D | C] -- C:\Users\Xxy\AppData\Roaming\Enplase

[2010.06.24 08:48:30 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll

[2010.06.24 08:48:30 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll

[2010.06.24 08:48:30 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe

[2010.06.24 08:48:30 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe

[2010.06.24 08:48:30 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll

[2010.06.24 08:48:30 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll

[2010.06.24 08:48:30 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll

[2010.06.24 08:48:30 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll

[2010.06.23 08:25:05 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

[2010.06.23 08:24:51 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2010.06.23 08:24:51 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2010.06.23 08:24:50 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll

[2010.06.23 08:24:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax

[2010.06.23 08:24:50 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2010.06.23 08:24:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2010.06.23 08:24:49 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax

[2010.06.18 22:21:34 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2010.06.18 11:37:34 | 000,000,000 | ---D | C] -- C:\Users\Xxy\AppData\Roaming\Tobit

[2010.06.18 11:37:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tobit Radio.fx

[2010.06.18 11:37:11 | 001,848,584 | ---- | C] (Tobit.Software) -- C:\Windows\RXSUnins.exe

[2010.06.18 11:37:11 | 001,848,584 | ---- | C] (Tobit.Software) -- C:\Windows\RXCUnins.exe

[2010.06.18 11:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Tobit

[2010.06.18 11:30:19 | 000,692,224 | ---- | C] (CIA, The Company) -- C:\Windows\SysWow64\emx6.dat

[2010.06.18 11:30:19 | 000,308,224 | ---- | C] (www.dimac.net) -- C:\Windows\SysWow64\p20.dat

[2010.06.18 11:30:19 | 000,213,092 | ---- | C] (CIA, The Company) -- C:\Windows\SysWow64\emx1.dat

[2010.06.18 11:30:19 | 000,151,552 | ---- | C] (Catenary Systems) -- C:\Windows\SysWow64\Vic32.dll

[2010.06.18 11:30:19 | 000,117,507 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\p22.dat

[2010.06.18 11:30:19 | 000,053,248 | ---- | C] (CIA, The Company) -- C:\Windows\SysWow64\emx11.dat

[2010.06.18 11:30:19 | 000,040,960 | ---- | C] (CIA, The Company) -- C:\Windows\SysWow64\emx10.dat

[2010.06.18 11:30:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapp32.exe

[2010.06.18 11:30:18 | 000,000,000 | RHSD | C] -- C:\Program Files (x86)\PSCS

[2010.06.18 10:48:19 | 000,000,000 | ---D | C] -- C:\Users\Xxy\AppData\Roaming\Uniblue

[2010.06.14 10:31:35 | 000,000,000 | ---D | C] -- C:\Users\Xxy\Citrix

[2010.06.10 08:02:42 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2010.06.10 08:02:42 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2010.06.10 08:02:42 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2010.06.10 08:02:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2010.06.03 10:43:27 | 000,000,000 | ---D | C] -- C:\Users\Xxy\AppData\Local\ElevatedDiagnostics

[2010.06.01 17:51:36 | 000,000,000 | ---D | C] -- C:\Users\Xxy\AppData\Roaming\Nero

[2010.06.01 17:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero

[2010.06.01 17:21:39 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll

[2010.06.01 17:21:09 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll

[2010.06.01 17:20:41 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll

[2010.06.01 17:20:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll

[2010.06.01 17:19:45 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll

[2010.06.01 17:19:15 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll

[2010.05.31 21:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects

[2010.05.30 22:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote

[1 C:\Users\Xxy\Desktop\*.tmp files -> C:\Users\Xxy\Desktop\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.06.29 15:01:16 | 002,883,584 | -HS- | M] () -- C:\Users\Xxy\ntuser.dat

[2010.06.29 14:50:17 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010.06.29 14:50:17 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010.06.29 14:43:24 | 000,030,498 | ---- | M] () -- C:\Windows\SysNative\Config.MPF

[2010.06.29 14:42:53 | 000,427,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010.06.29 14:42:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.06.29 14:42:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.06.29 14:41:34 | 2414,628,864 | -HS- | M] () -- C:\hiberfil.sys

[2010.06.29 14:40:28 | 008,061,010 | -H-- | M] () -- C:\Users\Xxy\AppData\Local\IconCache.db

[2010.06.29 08:15:45 | 000,236,179 | ---- | M] () -- C:\Users\Xxy\Desktop\2010-06-28-1047976846_04-RG-1.pdf

[2010.06.28 22:15:51 | 000,111,216 | ---- | M] () -- C:\Users\Xxy\AppData\Local\GDIPFONTCACHEV1.DAT

[2010.06.26 08:58:09 | 001,523,126 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010.06.26 08:58:09 | 000,657,676 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2010.06.26 08:58:09 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010.06.26 08:58:09 | 000,131,016 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2010.06.26 08:58:09 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010.06.25 17:25:38 | 000,248,320 | ---- | M] () -- C:\Users\Xxy\Desktop\WM Spielplan.xls

[2010.06.21 09:52:56 | 000,240,128 | ---- | M] () -- C:\Users\Xxy\Desktop\Email.doc

[2010.06.21 09:50:43 | 000,226,327 | ---- | M] () -- C:\Users\Xxy\Desktop\Email.docx

[2010.06.18 11:30:53 | 000,000,718 | ---- | M] () -- C:\Windows\SysWow64\psini.ini

[2010.06.18 08:55:12 | 000,000,983 | ---- | M] () -- C:\Windows\uninst.ini

[2010.06.14 16:29:30 | 000,010,525 | ---- | M] () -- C:\Users\Xxy\Desktop\Rechnung.xlsx

[2010.06.14 10:31:38 | 000,000,081 | ---- | M] () -- C:\Users\Xxy\CTX.DAT

[2010.06.01 17:51:52 | 000,000,000 | ---- | M] () -- C:\Users\Xxy\AppData\Roaming\.NANotifyHere

[1 C:\Users\Xxy\Desktop\*.tmp files -> C:\Users\Xxy\Desktop\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.06.29 08:15:45 | 000,236,179 | ---- | C] () -- C:\Users\Xxy\Desktop\2010-06-28-1047976846_04-RG-1.pdf

[2010.06.21 17:18:14 | 000,248,320 | ---- | C] () -- C:\Users\Xxy\Desktop\WM Spielplan.xls

[2010.06.21 09:52:54 | 000,240,128 | ---- | C] () -- C:\Users\Xxy\Desktop\Email.doc

[2010.06.21 09:50:42 | 000,226,327 | ---- | C] () -- C:\Users\Xxy\Desktop\Email.docx

[2010.06.18 11:37:11 | 000,554,496 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll

[2010.06.18 11:30:19 | 000,000,718 | ---- | C] () -- C:\Windows\SysWow64\psini.ini

[2010.06.14 10:31:38 | 000,000,081 | ---- | C] () -- C:\Users\Xxy\CTX.DAT

[2010.06.01 17:51:10 | 000,000,000 | ---- | C] () -- C:\Users\Xxy\AppData\Roaming\.NANotifyHere

[2010.05.18 17:51:22 | 000,000,983 | ---- | C] () -- C:\Windows\uninst.ini

[2010.05.18 16:22:44 | 000,000,000 | ---- | C] () -- C:\Windows\buhl.ini

[2010.05.18 16:21:05 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\BpShellEx.dll

[2010.05.10 11:57:55 | 000,000,057 | ---- | C] () -- C:\Windows\pdf2word.INI

[2010.04.27 13:04:15 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010.01.03 18:51:35 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI

[2009.12.28 19:27:58 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2009.12.04 00:53:22 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\msnacjosd.dll

[2009.11.29 20:14:19 | 000,000,980 | ---- | C] () -- C:\Windows\wininit.ini

[2009.08.30 17:26:52 | 000,001,667 | ---- | C] () -- C:\Windows\WPatchProgress.ini

[2009.08.30 08:30:13 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini

[2009.08.30 08:06:45 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll

[2009.08.30 08:06:45 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini

[2009.08.22 08:01:04 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll

[2009.08.22 08:01:04 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll

[2009.08.22 08:01:02 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini

[2009.08.22 08:01:02 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini

[2009.08.22 08:01:02 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2007.09.28 10:40:55 | 000,009,851 | ---- | C] () -- C:\Windows\SysWow64\mswanjose.dll

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:8927A071

< End of report >

Log 2:

Code:

OTL Extras logfile created on: 29.06.2010 14:57:57 - Run 1

OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Xxy\Downloads

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 286,27 Gb Total Space | 226,50 Gb Free Space | 79,12% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: XXY-PC

Current User Name: Xxy

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller

"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{BADFD936-E907-C666-A6E1-3C04C06E4260}" = ATI Catalyst Install Manager

"{C3199A20-E216-102C-04B0-8F9FF608A8E1}" = ccc-utility64

"{EE5BE032-86BA-4A2B-4CB0-556156B45FEA}" = ATI AVIVO64 Codecs

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"LSI Soft Modem" = LSI HDA Modem

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{00303EC0-EE53-4934-A606-E9B98A96E026}" = CCC Help German

"{046BFB05-BC7F-01A4-C199-B49640D2AD0F}" = Catalyst Control Center Graphics Full New

"{064C45D3-880F-D130-554A-91043413BCEE}" = CCC Help Thai

"{08C12672-6B9B-F155-B060-D375A020B656}" = CCC Help Chinese Traditional

"{090EFBB9-1196-5391-3637-64CAAC5E982B}" = CCC Help Hungarian

"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{14272C6B-36D4-FB95-B95B-ADB1C2A7F029}" = CCC Help Italian

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{1D535E4B-4D8D-FD55-AD08-125C8C4117D3}" = ccc-core-static

"{1DC4A8CA-F9B1-F762-2448-0A72B36E1E12}" = CCC Help Korean

"{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1" = Haushaltsbuch Freeware 2.7

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 19

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{309BBBEE-F25E-0105-6DB1-B668958C9D37}" = CCC Help Polish

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{3EDFC198-8ACC-A6C1-6991-35A80EC9A002}" = CCC Help English

"{42ED876C-C635-EF22-F4CD-620DC799CDDD}" = Catalyst Control Center Localization All

"{47826EF1-5634-D2E7-0C39-E356B8207676}" = CCC Help Turkish

"{49D59D86-7A0D-4217-979A-3D43F1F45CC8}" = BUHL-Lizenzmanagement-Software

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail

"{5C93667C-8802-F818-DE66-5E16996D6074}" = CCC Help Japanese

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5

"{6140FD34-61AF-2EE7-3E9F-C0D26E532617}" = CCC Help Finnish

"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker

"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer

"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger

"{8568FE6D-9769-A751-11D5-5AC7F6B698C2}" = CCC Help Russian

"{890E6592-0998-3C7A-2DB4-A29381485DA5}" = CCC Help Spanish

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding

"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials

"{96A39248-6496-075F-BD29-E99333354958}" = CCC Help French

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9978DB94-91EE-8D32-354E-F54A99051A37}" = Catalyst Control Center Core Implementation

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A14A9BB0-7284-D33A-C5D8-DFD773843484}" = Catalyst Control Center Graphics Full Existing

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A391AF4E-D4D4-D295-19FC-FF6C2DB74169}" = CCC Help Portuguese

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.2 MUI

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B02C36FE-3C50-CD6B-6469-4A2F8D90DB3B}" = CCC Help Dutch

"{B4E92469-CC2A-3AB0-E45A-F4C20F8C86C6}" = CCC Help Chinese Standard

"{B77CD8C3-7DB4-8339-0E2F-EEB8DFCABCBC}" = CCC Help Norwegian

"{BF2433BA-ACC4-6DA5-047E-B2D95FE8ECDA}" = CCC Help Greek

"{CD0F9E16-4E3F-2369-9D67-9A0B84362D0A}" = Catalyst Control Center InstallProxy

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D332D9A9-C8C7-67C6-D5B5-6A0088AB4CF5}" = CCC Help Czech

"{E0A6AD5F-CFAF-63ED-5C31-6E94B271A4C8}" = Catalyst Control Center Graphics Light

"{E41CF65A-72A1-143E-1B4E-1E570C6AD4EC}" = CCC Help Danish

"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FC1FFB3D-0FD9-0746-31EF-3AD987574BE8}" = CCC Help Swedish

"Acer Registration" = Acer Registration

"Acer Welcome Center" = Welcome Center

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"CCleaner" = CCleaner

"DivX Setup.divx.com" = DivX-Setup

"ENTERPRISE" = Microsoft Office Enterprise 2007

"FileZilla Client" = FileZilla Client 3.2.7.1

"GridVista" = Acer GridVista

"Identity Card" = Identity Card

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager

"LManager" = Launch Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)

"MSC" = McAfee SecurityCenter

"Nice PDF Compressor_is1" = Nice PDF Compressor 2.0

"Tobit Radio.fx Server" = Radio.fx

"Totalcmd" = Total Commander (Remove or Repair)

"VeryPDF PDF2Word v3.0_is1" = VeryPDF PDF2Word v3.0

"WinLiveSuite_Wave3" = Windows Live Essentials

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 26.06.2010 17:39:56 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:39:56.742]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:39:58 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:39:58.243]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:39:59 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:39:59.743]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:40:01 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:40:01.244]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:40:02 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:40:02.746]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:40:04 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:40:04.247]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:40:05 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:40:05.748]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:40:07 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:40:07.251]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:40:08 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:40:08.752]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

Error - 26.06.2010 17:40:10 | Computer Name = Xxy-PC | Source = Brother BrLog | ID = 1001

Description = WDLMW BrtWDLMW: [2010/06/26 23:40:10.252]: [00004324]: lperrcode->api

 = 1 , lperrcode->code = 2   

 

[ OSession Events ]

Error - 01.12.2009 12:36:49 | Computer Name = Xxy-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 27.12.2009 10:30:52 | Computer Name = Xxy-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1376

 seconds with 1140 seconds of active time.  This session ended with a crash.

 

Error - 18.01.2010 04:17:00 | Computer Name = Xxy-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 2, Application Name: Microsoft Office Access, Application Version:

 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 38734

 seconds with 4020 seconds of active time.  This session ended with a crash.

 

Error - 25.01.2010 14:36:05 | Computer Name = Xxy-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 376

 seconds with 300 seconds of active time.  This session ended with a crash.

 

Error - 03.03.2010 14:09:19 | Computer Name = Xxy-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 754

 seconds with 480 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 24.04.2010 13:26:15 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 24.04.2010 13:26:16 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 24.04.2010 13:32:38 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 25.04.2010 01:32:43 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 25.04.2010 01:32:44 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 25.04.2010 01:32:46 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 25.04.2010 01:33:02 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 25.04.2010 03:15:38 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 25.04.2010 03:15:39 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

Error - 25.04.2010 03:15:41 | Computer Name = Xxy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012

Description = Fehler beim Lesen der Datei für lokale Hosts.

 

 

< End of report >

Ich hoffe das du dir einen Überblick verschaffen kannst. Vorab schon mal vielen Dank!