Zu 2. sind entfernt.
Zu 3. das sind ihre Weihnacht's Geschichten.
Zu 4. ist deinstalliert.
12212011_164258: Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b106b661-3e1b-4015-af5c-195e909f35c6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b106b661-3e1b-4015-af5c-195e909f35c6}\ not found.
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "NCH DE Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "Yahoo" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.conduit.com/?ctid=CT2801937&SearchSource=13" removed from browser.startup.homepage
Prefs.js: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" removed from keyword.URL
C:\Users\viola\AppData\Roaming\Mozilla\Firefox\Profiles\b64oyy79.default\searchplugins\conduit.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B106B661-3E1B-4015-AF5C-195E909F35C6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B106B661-3E1B-4015-AF5C-195E909F35C6}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Userinit not found.
Starting removal of ActiveX control {063F7D71-5E0B-48F2-87D5-F63C5917947E}
C:\Windows\Downloaded Program Files\aosmgr.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: viola
->Temp folder emptied: 573504 bytes
->Temporary Internet Files folder emptied: 4598828 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 622332116 bytes
->Google Chrome cache emptied: 6942913 bytes
->Flash cache emptied: 470 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5185539 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 35182169 bytes
Total Files Cleaned = 644,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 12212011_164258
Files\Folders moved on Reboot...
C:\Users\viola\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
OTL: Code:
OTL logfile created on: 21.12.2011 18:51:47 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\viola\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,98 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,36% Memory free
5,97 Gb Paging File | 5,01 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 190,76 Gb Free Space | 41,61% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 343,57 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
Computer Name: VIOLA-PC | User Name: viola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.21 03:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\viola\Desktop\OTL.exe
PRC - [2011.12.12 23:20:56 | 003,305,760 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\viola\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.09.20 14:34:58 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.08.12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.20 14:34:58 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.08.10 14:23:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.06.15 10:10:00 | 000,382,976 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\SysNative\yk62x64.dll -- (yksvc)
SRV:64bit: - [2009.06.03 14:54:40 | 000,660,640 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\atwtusb.exe -- (WTService)
SRV - [2011.12.13 23:00:51 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.10 14:31:08 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.08.10 14:23:30 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.11.15 02:40:03 | 000,827,884 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\regw2.exe -- (FLEXnet Licensing Manager)
SRV - [2010.06.17 22:50:00 | 003,890,920 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.09.10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.25 18:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.08.12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.09.06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.19 11:39:00 | 000,107,096 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2010.09.13 06:01:00 | 000,182,872 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2010.07.23 23:21:58 | 000,421,248 | ---- | M] (Illusion & Hope. Porting to AMD64 by Sergey Sakharov.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\BT848.sys -- (BT848) Conexant's BtPCI WDM Video Capture (AMD64)
DRV:64bit: - [2010.07.21 16:26:16 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.03.08 03:37:00 | 000,097,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.13 22:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.15 10:10:00 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.11 06:34:38 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.05.04 17:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.04.17 02:18:26 | 000,007,808 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\walvhid.sys -- (vhidmini)
DRV:64bit: - [2009.03.08 18:16:14 | 000,007,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (Blbemsl)
DRV - [2005.01.04 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2001.05.23 09:42:52 | 000,012,084 | ---- | M] (Aiptek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\UTBLFILT.sys -- (utblfilt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\viola\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.18 23:04:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.09 13:53:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.27 22:49:37 | 000,000,000 | ---D | M]
[2010.08.01 23:53:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viola\AppData\Roaming\mozilla\Extensions
[2011.12.14 23:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viola\AppData\Roaming\mozilla\Firefox\Profiles\b64oyy79.default\extensions
[2011.11.11 02:50:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\viola\AppData\Roaming\mozilla\Firefox\Profiles\b64oyy79.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.11.10 15:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\VIOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B64OYY79.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.11.09 13:53:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.09.27 22:49:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.05 21:45:24 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.05 21:45:24 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.05 21:45:24 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.05 21:45:24 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
========== Chrome ==========
O1 HOSTS File: ([2011.12.21 17:24:50 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\Windows\SysNative\WTMKM.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\viola\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.246.64.8 62.220.18.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F37B7DCE-B643-4119-BDBD-08154AA81C6F}: DhcpNameServer = 89.246.64.8 62.220.18.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.12.21 18:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.12.21 18:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.21 18:34:33 | 003,562,624 | ---- | C] (Piriform Ltd) -- C:\Users\viola\Desktop\ccsetup314.exe
[2011.12.21 13:35:30 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Roaming\Malwarebytes
[2011.12.21 13:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.21 13:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.21 13:35:24 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.21 13:35:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.21 13:34:47 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\viola\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.21 03:08:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.12.21 03:06:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\viola\Desktop\OTL.exe
[2011.12.21 01:42:58 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Roaming\Opera
[2011.12.15 21:07:08 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.15 21:07:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.15 21:07:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.15 21:07:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.15 21:07:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.15 21:07:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.15 21:07:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.15 21:07:05 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.15 21:07:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.15 21:07:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.15 21:07:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.15 17:26:53 | 000,000,000 | ---D | C] -- C:\Users\viola\Desktop\Neuer Ordner
[2011.12.15 16:09:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.15 16:09:37 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.15 16:09:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.14 18:58:58 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Local\DDMSettings
[2011.11.23 05:55:42 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Roaming\NVIDIA
[2010.11.15 02:40:03 | 000,827,884 | ---- | C] ( ) -- C:\Windows\SysWow64\regw2.exe
[2009.10.12 12:24:23 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
========== Files - Modified Within 30 Days ==========
[2011.12.21 18:50:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.21 18:50:30 | 2403,237,888 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.21 18:35:57 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 18:35:57 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 17:24:50 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011.12.21 16:23:16 | 003,562,624 | ---- | M] (Piriform Ltd) -- C:\Users\viola\Desktop\ccsetup314.exe
[2011.12.21 13:29:16 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\viola\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.21 03:23:13 | 000,000,020 | ---- | M] () -- C:\Users\viola\defogger_reenable
[2011.12.21 03:21:48 | 000,050,477 | ---- | M] () -- C:\Users\viola\Desktop\Defogger.exe
[2011.12.21 03:10:29 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.21 03:10:29 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.21 03:10:29 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.21 03:10:29 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.21 03:10:29 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.21 03:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\viola\Desktop\OTL.exe
[2011.12.19 14:17:25 | 000,006,086 | ---- | M] () -- C:\Users\viola\Documents\wichteln.rtf
[2011.12.18 09:49:13 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.12.17 23:01:52 | 000,124,096 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (24).wma.sfk
[2011.12.17 23:01:52 | 000,104,832 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (10).wma.sfk
[2011.12.17 23:01:52 | 000,103,040 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (23).wma.sfk
[2011.12.17 23:01:52 | 000,080,448 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (8).wma.sfk
[2011.12.17 23:01:52 | 000,078,720 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (4).wma.sfk
[2011.12.17 23:01:52 | 000,062,720 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (3).wma.sfk
[2011.12.17 23:01:52 | 000,061,568 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (18).wma.sfk
[2011.12.17 23:01:52 | 000,060,928 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (20).wma.sfk
[2011.12.17 23:01:52 | 000,055,744 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (22).wma.sfk
[2011.12.17 23:01:52 | 000,050,496 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (13).wma.sfk
[2011.12.17 23:01:52 | 000,047,744 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (21).wma.sfk
[2011.12.17 23:01:52 | 000,042,048 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (11).wma.sfk
[2011.12.17 23:01:52 | 000,034,432 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (6).wma.sfk
[2011.12.17 23:01:52 | 000,032,256 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (16).wma.sfk
[2011.12.17 23:01:52 | 000,028,160 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (5).wma.sfk
[2011.12.17 23:01:52 | 000,027,664 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (15).wma.sfk
[2011.12.17 23:01:52 | 000,019,664 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (17).wma.sfk
[2011.12.17 23:01:52 | 000,012,352 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (19).wma.sfk
[2011.12.17 23:01:52 | 000,012,160 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (7).wma.sfk
[2011.12.17 23:01:52 | 000,011,664 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (9).wma.sfk
[2011.12.17 23:01:52 | 000,008,640 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (12).wma.sfk
[2011.12.17 23:01:52 | 000,008,192 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (14).wma.sfk
[2011.12.17 13:45:37 | 000,037,824 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (2).wma.sfk
[2011.12.17 13:45:15 | 000,054,720 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt.wma.sfk
[2011.12.17 13:42:34 | 001,096,043 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (24).wma
[2011.12.17 13:40:59 | 000,911,953 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (23).wma
[2011.12.17 13:39:40 | 000,498,873 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (22).wma
[2011.12.17 13:38:50 | 000,427,033 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (21).wma
[2011.12.17 13:38:10 | 000,539,283 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (20).wma
[2011.12.17 13:37:18 | 000,117,223 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (19).wma
[2011.12.17 13:37:01 | 000,548,263 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (18).wma
[2011.12.17 13:36:06 | 000,180,083 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (17).wma
[2011.12.17 13:35:33 | 000,287,843 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (16).wma
[2011.12.17 13:35:06 | 000,247,433 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (15).wma
[2011.12.17 13:34:18 | 000,076,813 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (14).wma
[2011.12.17 13:33:53 | 000,449,483 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (13).wma
[2011.12.17 13:33:12 | 000,081,303 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (12).wma
[2011.12.17 13:32:56 | 000,377,643 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (11).wma
[2011.12.17 13:32:21 | 000,925,423 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (10).wma
[2011.12.17 13:31:01 | 000,108,243 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (9).wma
[2011.12.17 13:30:42 | 000,714,393 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (8).wma
[2011.12.17 13:29:40 | 000,112,733 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (7).wma
[2011.12.17 13:29:22 | 000,310,293 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (6).wma
[2011.12.17 13:28:51 | 000,251,923 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (5).wma
[2011.12.17 13:28:25 | 000,696,433 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (4).wma
[2011.12.17 13:27:17 | 000,557,243 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (3).wma
[2011.12.17 13:26:22 | 000,337,233 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (2).wma
[2011.12.17 13:25:22 | 000,485,403 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt.wma
[2011.12.17 01:32:54 | 000,010,309 | ---- | M] () -- C:\Users\viola\Documents\zinnsoldat.rtf
[2011.12.16 10:16:43 | 000,368,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.07 20:56:08 | 000,134,824 | ---- | M] () -- C:\Users\viola\Desktop\Ch-running.jpg
[2011.12.05 16:30:33 | 000,066,565 | ---- | M] () -- C:\Users\viola\Desktop\schneefl2.jpg
[2011.12.05 16:30:18 | 000,075,496 | ---- | M] () -- C:\Users\viola\Desktop\schneefl.jpg
[2011.11.29 03:19:39 | 000,058,893 | ---- | M] () -- C:\Users\viola\Desktop\manga-haende-14.jpg
[2011.11.28 19:43:01 | 000,008,592 | ---- | M] () -- C:\Users\viola\Documents\weihnachten mit hindernissen.rtf
[2011.11.28 19:18:41 | 000,032,444 | ---- | M] () -- C:\Users\viola\Desktop\event.jpg
[2011.11.27 19:07:07 | 000,184,330 | ---- | M] () -- C:\Users\viola\Desktop\go.png
[2011.11.26 18:23:48 | 000,605,513 | ---- | M] () -- C:\Users\viola\Desktop\rekrutment.png
[2011.11.26 16:26:41 | 000,670,807 | ---- | M] () -- C:\Users\viola\Desktop\rearecruts.png
[2011.11.25 23:13:19 | 000,182,280 | ---- | M] () -- C:\Users\viola\Desktop\reabanner.png
[2011.11.24 23:40:03 | 000,002,340 | ---- | M] () -- C:\Users\viola\Desktop\weihnachtsgeschichte - Verknüpfung.lnk
========== Files Created - No Company Name ==========
[2011.12.21 03:23:12 | 000,000,020 | ---- | C] () -- C:\Users\viola\defogger_reenable
[2011.12.21 03:22:56 | 000,050,477 | ---- | C] () -- C:\Users\viola\Desktop\Defogger.exe
[2011.12.18 09:49:13 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.12.17 13:47:38 | 000,124,096 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (24).wma.sfk
[2011.12.17 13:47:34 | 000,103,040 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (23).wma.sfk
[2011.12.17 13:47:31 | 000,055,744 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (22).wma.sfk
[2011.12.17 13:47:26 | 000,047,744 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (21).wma.sfk
[2011.12.17 13:47:19 | 000,060,928 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (20).wma.sfk
[2011.12.17 13:47:15 | 000,012,352 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (19).wma.sfk
[2011.12.17 13:47:11 | 000,061,568 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (18).wma.sfk
[2011.12.17 13:47:07 | 000,019,664 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (17).wma.sfk
[2011.12.17 13:47:02 | 000,032,256 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (16).wma.sfk
[2011.12.17 13:46:59 | 000,027,664 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (15).wma.sfk
[2011.12.17 13:46:55 | 000,008,192 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (14).wma.sfk
[2011.12.17 13:46:51 | 000,050,496 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (13).wma.sfk
[2011.12.17 13:46:46 | 000,008,640 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (12).wma.sfk
[2011.12.17 13:46:39 | 000,042,048 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (11).wma.sfk
[2011.12.17 13:46:34 | 000,104,832 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (10).wma.sfk
[2011.12.17 13:46:30 | 000,011,664 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (9).wma.sfk
[2011.12.17 13:46:27 | 000,080,448 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (8).wma.sfk
[2011.12.17 13:46:23 | 000,012,160 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (7).wma.sfk
[2011.12.17 13:46:20 | 000,034,432 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (6).wma.sfk
[2011.12.17 13:46:16 | 000,028,160 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (5).wma.sfk
[2011.12.17 13:46:12 | 000,078,720 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (4).wma.sfk
[2011.12.17 13:46:08 | 000,062,720 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (3).wma.sfk
[2011.12.17 13:45:21 | 000,037,824 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (2).wma.sfk
[2011.12.17 13:45:09 | 000,054,720 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt.wma.sfk
[2011.12.17 13:42:34 | 001,096,043 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (24).wma
[2011.12.17 13:40:59 | 000,911,953 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (23).wma
[2011.12.17 13:39:40 | 000,498,873 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (22).wma
[2011.12.17 13:38:50 | 000,427,033 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (21).wma
[2011.12.17 13:38:10 | 000,539,283 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (20).wma
[2011.12.17 13:37:18 | 000,117,223 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (19).wma
[2011.12.17 13:37:01 | 000,548,263 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (18).wma
[2011.12.17 13:36:06 | 000,180,083 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (17).wma
[2011.12.17 13:35:33 | 000,287,843 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (16).wma
[2011.12.17 13:35:06 | 000,247,433 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (15).wma
[2011.12.17 13:34:18 | 000,076,813 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (14).wma
[2011.12.17 13:33:53 | 000,449,483 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (13).wma
[2011.12.17 13:33:11 | 000,081,303 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (12).wma
[2011.12.17 13:32:56 | 000,377,643 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (11).wma
[2011.12.17 13:32:21 | 000,925,423 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (10).wma
[2011.12.17 13:31:01 | 000,108,243 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (9).wma
[2011.12.17 13:30:42 | 000,714,393 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (8).wma
[2011.12.17 13:29:40 | 000,112,733 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (7).wma
[2011.12.17 13:29:22 | 000,310,293 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (6).wma
[2011.12.17 13:28:51 | 000,251,923 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (5).wma
[2011.12.17 13:28:24 | 000,696,433 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (4).wma
[2011.12.17 13:27:17 | 000,557,243 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (3).wma
[2011.12.17 13:26:22 | 000,337,233 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (2).wma
[2011.12.17 13:25:22 | 000,485,403 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt.wma
[2011.12.17 01:32:54 | 000,010,309 | ---- | C] () -- C:\Users\viola\Documents\zinnsoldat.rtf
[2011.12.16 21:05:11 | 000,006,086 | ---- | C] () -- C:\Users\viola\Documents\wichteln.rtf
[2011.12.07 20:56:07 | 000,134,824 | ---- | C] () -- C:\Users\viola\Desktop\Ch-running.jpg
[2011.12.05 16:30:33 | 000,066,565 | ---- | C] () -- C:\Users\viola\Desktop\schneefl2.jpg
[2011.12.05 16:30:18 | 000,075,496 | ---- | C] () -- C:\Users\viola\Desktop\schneefl.jpg
[2011.11.29 03:19:37 | 000,058,893 | ---- | C] () -- C:\Users\viola\Desktop\manga-haende-14.jpg
[2011.11.28 19:43:01 | 000,008,592 | ---- | C] () -- C:\Users\viola\Documents\weihnachten mit hindernissen.rtf
[2011.11.28 19:18:41 | 000,032,444 | ---- | C] () -- C:\Users\viola\Desktop\event.jpg
[2011.11.27 19:07:06 | 000,184,330 | ---- | C] () -- C:\Users\viola\Desktop\go.png
[2011.11.26 18:23:48 | 000,605,513 | ---- | C] () -- C:\Users\viola\Desktop\rekrutment.png
[2011.11.26 16:26:40 | 000,670,807 | ---- | C] () -- C:\Users\viola\Desktop\rearecruts.png
[2011.11.25 23:13:19 | 000,182,280 | ---- | C] () -- C:\Users\viola\Desktop\reabanner.png
[2011.11.22 00:52:20 | 000,002,340 | ---- | C] () -- C:\Users\viola\Desktop\weihnachtsgeschichte - Verknüpfung.lnk
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.07.25 19:14:31 | 000,159,881 | ---- | C] () -- C:\Windows\ScanWiz Uninstaller.exe
[2011.07.24 10:50:24 | 000,151,552 | ---- | C] () -- C:\Windows\UnUSBDrv.exe
[2011.03.05 05:30:46 | 000,000,038 | -HS- | C] () -- C:\Windows\camcodec100.ini
[2011.03.05 05:30:46 | 000,000,028 | -HS- | C] () -- C:\Windows\lagarith.ini
[2011.03.05 05:30:05 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.01.03 17:19:24 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2010.12.04 18:42:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.11.07 11:55:25 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.08.25 18:43:39 | 000,003,202 | ---- | C] () -- C:\Windows\SysWow64\CONFIG.INI
[2010.08.25 13:25:58 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2010.08.23 18:58:09 | 000,000,008 | ---- | C] () -- C:\Users\viola\AppData\Roaming\DofusAppId0_1
[2010.08.23 18:33:50 | 000,000,173 | ---- | C] () -- C:\Users\viola\AppData\Roaming\D2Info0
[2010.08.23 18:33:50 | 000,000,008 | ---- | C] () -- C:\Users\viola\AppData\Roaming\DofusAppId0_2
[2010.07.23 23:06:56 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\HCWxds.dll
[2010.07.23 19:29:29 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll
[2010.07.23 16:27:52 | 000,030,327 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.07.23 16:27:37 | 000,000,507 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.07.23 16:27:37 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.07.23 16:27:28 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2009.10.12 12:11:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.10 15:33:44 | 000,127,648 | ---- | C] () -- C:\Windows\RmTablet.exe
========== LOP Check ==========
[2010.08.06 14:45:36 | 000,000,000 | -HSD | M] -- C:\Users\viola\AppData\Roaming\.#
[2010.08.23 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\app
[2011.03.04 17:47:19 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Audio Record Edit Toolbox
[2011.03.04 17:42:40 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Audio Recorder for Free 2010
[2010.11.19 08:12:55 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\BitTorrent
[2010.07.21 16:55:59 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\DAEMON Tools Lite
[2010.08.23 19:23:41 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Dofus 2
[2010.08.23 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.08.23 18:58:09 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011.11.28 20:08:19 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\FileZilla
[2010.08.06 14:45:12 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\GameConsole
[2011.11.12 11:25:46 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\kock
[2011.09.20 17:20:23 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\LolClient
[2011.04.07 10:13:14 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\NCH Swift Sound
[2011.11.08 11:31:28 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\OpenOffice.org
[2011.12.21 01:42:58 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Opera
[2011.03.12 02:12:40 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\PlayFirst
[2010.07.21 13:29:04 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\PowerCinema
[2011.02.11 22:03:03 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\PriceGong
[2010.11.07 11:56:17 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Publish Providers
[2010.08.23 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011.07.25 19:12:38 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Scan2PDF
[2010.07.21 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\SoftDMA
[2011.02.24 20:55:29 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Sony
[2010.11.15 02:50:41 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Sony Creative Software Inc
[2010.07.23 22:48:39 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\TeamViewer
[2011.11.23 12:16:45 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\TS3Client
[2011.06.30 11:10:16 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\TuneUp Software
[2011.11.12 11:25:47 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\xmldm
[2011.11.14 14:40:31 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86
< End of report >
Extra: Code:
OTL Extras logfile created on: 21.12.2011 18:51:47 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\viola\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,98 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,36% Memory free
5,97 Gb Paging File | 5,01 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 190,76 Gb Free Space | 41,61% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 343,57 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
Computer Name: VIOLA-PC | User Name: viola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1F9241E8-87C1-FB9C-5D76-3FF7D0318A87}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"LSI Soft Modem" = LSI PCI-SV92PP Soft Modem
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E9C6F05-A8E5-482F-B7D5-78943BCC6073}" = Ragnarok
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0 SP1
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.7 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = v2011.build.46
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{ccb6b889-f9d9-45fd-8a78-2a4f2e599441}" = Nero 9 Essentials
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FEEA1915-314F-4406-8BCF-B11412BE936F}" = RagnarokOnline
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AhnLab Online Security" = AhnLab Online Security
"Akamai" = Akamai NetSession Interface Service
"AutocompletePro3_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"Bishoujo Senshi Sailor Moon_is1" = Bishoujo Senshi Sailor Moon
"DivX Setup" = DivX-Setup
"FileZilla Client" = FileZilla Client 3.5.1
"Final Fantasy VII" = Final Fantasy VII
"Fraps" = Fraps (remove only)
"Grand Fantasia" = Grand Fantasia
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"MacroX" = MacroX 3.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Neffy" = Neffy 1,3,29,0
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Scan2PDF_is1" = Scan2PDF 1.6
"ScanWiz" = ScanWiz
"Super C_is1" = Super C
"Switch" = Switch Audiodatei-Konverter
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VLC media player 1.1.11
"VueScan" = VueScan
"WavePad" = WavePad Audiobearbeitungs-Software
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"SOE-DC Universe Online Live" = DC Universe Online Live
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 03.12.2011 02:56:13 | Computer Name = viola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: soffice.bin, Version: 3.3.9556.500,
Zeitstempel: 0x4d061efd Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce7ba58 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0007377a ID des fehlerhaften
Prozesses: 0xab0 Startzeit der fehlerhaften Anwendung: 0x01ccb1889f29f44c Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: e34d4903-1d7b-11e1-bd2f-90fba64b2e81
Error - 03.12.2011 04:07:58 | Computer Name = viola-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 03.12.2011 04:08:23 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 03.12.2011 04:08:23 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 03.12.2011 04:08:24 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 03.12.2011 04:08:24 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 28.07.2010 08:15:31 | Computer Name = viola-PC | Source = MCUpdate | ID = 0
Description = 14:15:26 - Fehler beim Herstellen der Internetverbindung. 14:15:26
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 21.12.2011 11:23:26 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 21.12.2011 11:42:58 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 21.12.2011 13:28:34 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Conexant's BtPCI WDM Video Capture (AMD64)" wurde aufgrund
folgenden Fehlers nicht gestartet: %%577
Error - 21.12.2011 13:28:34 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "FLEXnet Licensing Manager for Adobe Products" wurde aufgrund
folgenden Fehlers nicht gestartet: %%2
Error - 21.12.2011 13:28:46 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 21.12.2011 13:39:15 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 21.12.2011 13:50:39 | Computer Name = viola-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?12.?2011 um 18:49:30 unerwartet heruntergefahren.
Error - 21.12.2011 13:50:48 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Conexant's BtPCI WDM Video Capture (AMD64)" wurde aufgrund
folgenden Fehlers nicht gestartet: %%577
Error - 21.12.2011 13:50:48 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "FLEXnet Licensing Manager for Adobe Products" wurde aufgrund
folgenden Fehlers nicht gestartet: %%2
Error - 21.12.2011 13:50:57 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
< End of report >
Hab alles gemacht wie beschrieben.
Das Problem besteht weiterhin! |
