Also hier der OTL file:OTL Logfile: Code:
OTL logfile created on: 10.02.2012 12:20:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vani\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 72,85% Memory free
6,00 Gb Paging File | 5,22 Gb Available in Paging File | 87,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424,66 Gb Total Space | 349,75 Gb Free Space | 82,36% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,00 Gb Free Space | 72,50% Space Free | Partition Type: NTFS
Computer Name: VANI-PC | User Name: Vani | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.02.10 12:19:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vani\Desktop\OTL.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.28 14:36:53 | 001,506,824 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011.10.28 14:36:11 | 000,457,536 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011.10.28 02:40:14 | 001,554,184 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2011.08.17 15:00:02 | 000,464,392 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.10 05:04:30 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
========== Driver Services (SafeList) ==========
DRV - [2012.02.10 02:08:35 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.02.09 20:48:33 | 000,030,416 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\GRD.sys -- (GRD)
DRV - [2012.02.09 20:41:40 | 000,041,336 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2012.02.09 20:41:14 | 000,079,992 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2012.02.09 20:41:14 | 000,054,648 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd)
DRV - [2012.02.09 20:41:14 | 000,040,440 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\GDBehave.sys -- (GDBehave)
DRV - [2012.02.09 20:22:59 | 000,049,016 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV - [2012.02.09 20:22:18 | 000,029,560 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GdNetMon32.sys -- (GdNetMon)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
DRV - [2009.07.10 18:56:40 | 000,842,752 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.07.10 05:40:02 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.06.24 11:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009.06.24 09:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.01.20 13:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Medion | MSN [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\program files\bullguard ltd\bullguard\backup\thunderbirdbkplugin
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\program files\bullguard ltd\bullguard\antispam\tbspamfilter
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start File not found
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [{1882D708-DBAB-11DE-9562-806E6F6E6963}] C:\Users\Vani\AppData\Roaming\Microsoft\torrent.exe ()
O4 - HKCU..\Run: [{D3E4FAB1-DF3F-80EF-C969-8B2142E9861E}] C:\Users\Vani\AppData\Roaming\Umpy\yqih.exe File not found
O4 - HKCU..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKCU..\Run: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SIMBAR={89A031C8-6601-4731-AFFA-79BEF36A9081}; BTRS26718; GTB6.6; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MAMD; .NET4.0C)" -"hxxp://www8.agame.com/mirror/flash/p/PanicattheZoo/panic_at_the_zoo_jetztspielen_de/panic_at_the_zoo_jetztspielen_de.htm" File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Users\Vani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube Download - C:\Users\Vani\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vani\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B27F5A82-E361-473C-B907-B90AFCE1FAA0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3D93F2A-2CD4-4D7C-8FE0-81618EE73728}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{41c1ce28-dbfb-11de-93a2-0025d31e461a}\Shell - "" = AutoRun
O33 - MountPoints2\{41c1ce28-dbfb-11de-93a2-0025d31e461a}\Shell\AutoRun\command - "" = F:\Launch.exe
O33 - MountPoints2\{60f34944-2063-11df-a264-002421f70273}\Shell - "" = AutoRun
O33 - MountPoints2\{60f34944-2063-11df-a264-002421f70273}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{6d3125fd-dac8-11df-8a05-002421f70273}\Shell - "" = AutoRun
O33 - MountPoints2\{6d3125fd-dac8-11df-8a05-002421f70273}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2012.02.10 12:19:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Vani\Desktop\OTL.exe
[2012.02.10 02:08:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.02.10 02:08:17 | 000,000,000 | ---D | C] -- C:\Users\Vani\AppData\Roaming\Malwarebytes
[2012.02.10 02:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.10 02:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.10 02:08:06 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.10 02:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.10 02:06:18 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Vani\Desktop\mbam-setup-1.60.1.1000.exe
[2012.02.10 01:44:53 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Vani\Desktop\dds.scr
[2012.02.10 01:44:24 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Vani\Desktop\dds.com
[2012.02.10 00:04:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.02.09 20:48:33 | 000,030,416 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2012.02.09 20:22:59 | 000,049,016 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012.02.09 20:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data AntiVirus 2012
[2012.02.09 20:22:19 | 000,079,992 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012.02.09 20:22:19 | 000,041,336 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012.02.09 20:22:19 | 000,040,440 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012.02.09 20:22:18 | 000,054,648 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012.02.09 20:22:18 | 000,029,560 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GdNetMon32.sys
[2012.02.09 20:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012.02.09 20:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\G Data
[2012.02.09 20:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[2012.01.31 12:50:54 | 000,000,000 | ---D | C] -- C:\Users\Vani\Desktop\Die chemische Reaktion
[1 C:\Users\Vani\Documents\*.tmp files -> C:\Users\Vani\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.02.10 12:19:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vani\Desktop\OTL.exe
[2012.02.10 12:16:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.10 12:16:04 | 2415,255,552 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.10 12:14:09 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.10 10:55:22 | 000,014,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.10 10:55:22 | 000,014,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.10 02:08:35 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.02.10 02:08:08 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.10 02:06:23 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Vani\Desktop\mbam-setup-1.60.1.1000.exe
[2012.02.10 02:05:02 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.10 02:02:14 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.10 02:02:14 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.10 02:02:14 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.10 02:02:14 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.10 01:44:55 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Vani\Desktop\dds.scr
[2012.02.10 01:44:26 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Vani\Desktop\dds.com
[2012.02.10 01:31:31 | 000,050,477 | ---- | M] () -- C:\Users\Vani\Desktop\Defogger.exe
[2012.02.10 01:29:44 | 000,000,000 | ---- | M] () -- C:\Users\Vani\defogger_reenable
[2012.02.09 20:48:33 | 000,030,416 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2012.02.09 20:41:40 | 000,041,336 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012.02.09 20:41:14 | 000,079,992 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012.02.09 20:41:14 | 000,054,648 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012.02.09 20:41:14 | 000,040,440 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012.02.09 20:22:59 | 000,049,016 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012.02.09 20:22:18 | 000,029,560 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GdNetMon32.sys
[2012.02.09 20:22:14 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk
[2012.02.08 19:38:30 | 000,060,362 | ---- | M] () -- C:\Users\Vani\Desktop\studbesch_9C9D03D9D5B2D21743A0846B1CD2D007.cit-prod-tomcat1[2].pdf
[2012.01.30 13:31:58 | 000,926,856 | ---- | M] () -- C:\Users\Vani\Desktop\Komplexchemie.pdf
[2012.01.23 22:35:00 | 020,195,022 | ---- | M] () -- C:\Users\Vani\Desktop\Fragen92-07-600version2[5].pdf
[1 C:\Users\Vani\Documents\*.tmp files -> C:\Users\Vani\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.10 02:08:08 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.10 01:31:28 | 000,050,477 | ---- | C] () -- C:\Users\Vani\Desktop\Defogger.exe
[2012.02.10 01:29:44 | 000,000,000 | ---- | C] () -- C:\Users\Vani\defogger_reenable
[2012.02.09 20:22:13 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk
[2012.02.08 19:38:30 | 000,060,362 | ---- | C] () -- C:\Users\Vani\Desktop\studbesch_9C9D03D9D5B2D21743A0846B1CD2D007.cit-prod-tomcat1[2].pdf
[2012.01.30 13:31:58 | 000,926,856 | ---- | C] () -- C:\Users\Vani\Desktop\Komplexchemie.pdf
[2012.01.23 22:35:00 | 020,195,022 | ---- | C] () -- C:\Users\Vani\Desktop\Fragen92-07-600version2[5].pdf
[2011.01.20 18:32:34 | 000,000,000 | ---- | C] () -- C:\Users\Vani\AppData\Roaming\wklnhst.dat
[2010.12.18 17:26:59 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.10.20 17:27:34 | 000,005,894 | ---- | C] () -- C:\Windows\System32\comBS17j.dll
[2010.03.06 15:02:43 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010.03.06 15:02:43 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2010.02.07 20:00:26 | 000,008,192 | ---- | C] () -- C:\Users\Vani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.30 12:50:31 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009.08.22 12:24:05 | 000,036,864 | ---- | C] () -- C:\Windows\System32\Hooks.dll
[2009.08.22 11:21:23 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2009.08.22 11:19:06 | 000,008,252 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2009.08.22 11:19:06 | 000,000,056 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2009.08.22 11:08:58 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.08.22 11:08:58 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.08.22 11:08:58 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.08.22 10:55:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 09:47:43 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,363,816 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.06.04 06:53:14 | 000,026,624 | ---- | C] () -- C:\Windows\System32\sst3cl3.dll
[2007.06.05 12:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
========== LOP Check ==========
[2010.11.09 15:27:37 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Advanced Chemistry Development
[2011.10.27 13:40:07 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Alawar
[2011.10.28 18:05:46 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Artogon
[2010.10.20 17:27:48 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\beSoft
[2011.10.26 18:37:21 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Boolat Games
[2011.10.30 17:28:16 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Boomzap
[2010.04.24 10:18:31 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\BullGuard
[2011.10.25 18:39:05 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Crown
[2011.05.25 11:53:42 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\DVDVideoSoft
[2011.05.24 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.25 17:09:38 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Elephant Games
[2011.10.31 19:40:17 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Enki Games
[2011.10.28 15:30:02 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\ERS Game Studios
[2010.07.21 11:27:36 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Fyuz
[2009.11.29 17:07:49 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Hansenet
[2011.12.17 14:50:31 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\ICQ
[2011.03.04 15:27:37 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\IrfanView
[2010.01.06 13:49:53 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\IsolatedStorage
[2010.12.29 10:29:29 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Local
[2011.10.26 19:39:44 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\MumboJumbo
[2011.10.26 17:25:51 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Orneon
[2011.10.21 14:00:34 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\PeaceCraft3
[2011.07.27 20:39:34 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Playfirst
[2011.11.02 16:22:39 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\ShaoLin
[2011.11.04 01:36:36 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Skunk Studios
[2010.01.06 13:48:05 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Symyx
[2012.01.27 20:03:56 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\temp
[2011.01.20 18:32:36 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Template
[2011.11.06 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Ten Heavens
[2010.07.21 18:45:19 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Umpy
[2010.12.18 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Uniblue
[2009.11.30 12:57:08 | 000,000,000 | ---D | M] -- C:\Users\Vani\AppData\Roaming\Windows Live Writer
[2012.01.27 08:51:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2009.11.28 00:24:25 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.11.08 17:43:40 | 000,000,000 | ---D | M] -- C:\BigFishGamesCache
[2012.02.10 01:06:18 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.11.28 00:24:06 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.01.04 09:48:50 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft
[2009.08.22 11:10:11 | 000,000,000 | ---D | M] -- C:\Intel
[2010.11.30 19:59:13 | 000,000,000 | ---D | M] -- C:\lj1000hb
[2010.11.30 20:12:46 | 000,000,000 | ---D | M] -- C:\lj1488
[2009.08.22 12:13:29 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.02.10 02:08:06 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.02.10 02:08:07 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.11.28 00:24:06 | 000,000,000 | -HSD | M] -- C:\Programme
[2009.11.28 00:24:06 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.02.10 00:03:44 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.11.28 00:24:15 | 000,000,000 | R--D | M] -- C:\Users
[2012.02.10 10:30:11 | 000,000,000 | ---D | M] -- C:\Windows
[2011.07.27 20:38:49 | 000,000,000 | ---D | M] -- C:\Zylom Games
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007.05.17 20:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTOR.SYS >
[2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.06.04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009.06.04 17:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys
[2009.06.04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys
< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2012.02.10 01:29:44 | 000,000,000 | ---- | M] () -- C:\Users\Vani\defogger_reenable
[2012.02.10 12:44:49 | 004,718,592 | -HS- | M] () -- C:\Users\Vani\ntuser.dat
[2012.02.10 12:44:49 | 000,262,144 | -HS- | M] () -- C:\Users\Vani\ntuser.dat.LOG1
[2009.11.28 00:24:15 | 000,000,000 | -HS- | M] () -- C:\Users\Vani\ntuser.dat.LOG2
[2010.01.17 19:15:13 | 000,065,536 | -HS- | M] () -- C:\Users\Vani\ntuser.dat{57e14516-0389-11df-939c-0025d31e461a}.TM.blf
[2010.01.17 19:15:13 | 000,524,288 | -HS- | M] () -- C:\Users\Vani\ntuser.dat{57e14516-0389-11df-939c-0025d31e461a}.TMContainer00000000000000000001.regtrans-ms
[2010.01.17 19:15:13 | 000,524,288 | -HS- | M] () -- C:\Users\Vani\ntuser.dat{57e14516-0389-11df-939c-0025d31e461a}.TMContainer00000000000000000002.regtrans-ms
[2009.11.28 00:30:14 | 000,065,536 | -HS- | M] () -- C:\Users\Vani\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2009.11.28 00:30:14 | 000,524,288 | -HS- | M] () -- C:\Users\Vani\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2009.11.28 00:30:14 | 000,524,288 | -HS- | M] () -- C:\Users\Vani\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2009.11.28 00:24:15 | 000,000,020 | -HS- | M] () -- C:\Users\Vani\ntuser.ini
[2011.11.08 11:16:09 | 000,087,552 | -HS- | M] () -- C:\Users\Vani\Thumbs.db
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:40EE25BB
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:5E73E1C2
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:491270B8
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:F3591DDB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:8BE7A048
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:902C848D
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:6A0A47E7
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:512E1728
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E6E9EB6C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:C370B84F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:C0A9B815
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:B1786630
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:8204AA35
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:26499772
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:124B94C0
< End of report >
--- --- ---
und der Extra file:OTL Logfile: Code:
OTL Extras logfile created on: 10.02.2012 12:20:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vani\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 72,85% Memory free
6,00 Gb Paging File | 5,22 Gb Available in Paging File | 87,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424,66 Gb Total Space | 349,75 Gb Free Space | 82,36% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,00 Gb Free Space | 72,50% Space Free | Partition Type: NTFS
Computer Name: VANI-PC | User Name: Vani | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"_{E1A63F75-1F72-4450-980D-434496FFC646}" = Corel Painter Essentials 4
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{08CACE47-BB47-E962-9349-6CE3D2550D52}" = CCC Help Korean
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{105DE0A4-72E2-79C7-2658-E334426FBBE9}" = CCC Help Turkish
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{17A049A3-8C15-996D-1EFA-CE046A2A1324}" = ATI Catalyst Install Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1A34A209-B981-20B0-382A-0B6BF72C817D}" = Catalyst Control Center Core Implementation
"{1AD8819A-70E8-4380-92DA-F5B2421DAE35}" = G Data AntiVirus 2012
"{1CF94969-3555-E4F0-4749-A4E196E985FC}" = Catalyst Control Center Graphics Light
"{1E299D2F-A7BA-457A-BECF-35AC55E4BD74}" = SweetIM Toolbar for Internet Explorer 3.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{215A0B99-29AC-F1A7-E685-D539497AA15C}" = CCC Help Czech
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{21BB9CD7-E59B-4339-AE34-62701C8B1B05}" = My Kingdom for the Princess 3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 23
"{2A974FDA-1976-28C3-27DF-8D7E10344115}" = Catalyst Control Center InstallProxy
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{39FE455F-9478-451B-9420-73C15143DF8E}" = Corel Home Office - IPM
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E1BD2A0-9339-EEF6-1E2C-4A139FB7C747}" = CCC Help Portuguese
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43AD6C1E-1B84-8626-F388-189F1415D5A1}" = Catalyst Control Center Graphics Full New
"{4737AD9F-13AA-4E4C-B86F-B631D557F6A7}" = e-Wörterbücher
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4CCDD743-6E61-50AB-24E6-D4265346E58C}" = ccc-core-static
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{5F8156EC-EAF9-6A93-7311-C37D864A596C}" = CCC Help Chinese Standard
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67B5E01A-FA00-67BB-CC8B-79996F2C9BA1}" = CCC Help German
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729F06E7-D815-7E1A-1E93-5CA0AC65B6DF}" = CCC Help French
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7FD00BAD-12DA-36AA-BF83-C2DA28E2AEB3}" = CCC Help Russian
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116638253}" = Chocolatier Decadence By Design
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A07FCF4-936B-5BF2-50AD-25FA7EE0CB63}" = CCC Help Polish
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EA39227-11CD-D01C-DA4B-D89866A3EC28}" = CCC Help Hungarian
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9114B133-BA03-4088-9F36-6514F916965E}" = Catalyst Control Center Graphics Full Existing
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91624474-6146-87CB-FBC7-3CABEF10F27F}" = Catalyst Control Center Localization All
"{9441C4E3-726F-B31C-172D-EEAFE3723DE7}" = CCC Help Chinese Traditional
"{948EE09F-E66A-3DBD-FCE1-1494CDF4C113}" = Catalyst Control Center Graphics Previews Vista
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95ABBA24-2265-CBE9-A085-1704FF18AE67}" = CCC Help Italian
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A3B9DE4D-560B-52D9-2AC8-E74FE5C73A10}" = CCC Help Spanish
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE9F7747-0350-4E02-B115-6A2C92F5FA54}" = Corel Home Office
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BECEF2E4-0B0B-461A-AE80-CC569F028303}" = Symyx Draw
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DBF4442B-5D23-B14D-713C-A7AE9263A231}" = CCC Help English
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E1A63F75-1F72-4450-980D-434496FFC646}" = Corel Painter Essentials 4
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EFAA3561-9309-393A-129C-3D5B44C3E70A}" = ccc-utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}" = SweetIM for Messenger 3.0
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"4e2a1202b450619d4c88c2362a76dd0c" = Chocolatier 2 - Secret Ingredients
"ACDLabs in C__Program_Files_ACDFREE12_" = ACD/Labs Software in C:\Program Files\ACDFREE12\
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Alice Software" = Alice Software 4.10.0
"Angebote ALDI SÜD" = Angebote ALDI SÜD Bildschirmschoner
"b3c5316f7a3129b27be795edf66f0f55" = Chocolatier(R) - Decadence by Design(TM)
"BFGC" = Big Fish Games: Game Manager
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free Video Dub_is1" = Free Video Dub version 1.8.11.426
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.7.24.426
"Free YouTube Download_is1" = Free YouTube Download version 2.10.35.426
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 07.12.2010 08:30:17 | Computer Name = Vani-PC | Source = RasClient | ID = 20227
Description =
Error - 07.12.2010 12:19:29 | Computer Name = Vani-PC | Source = RasClient | ID = 20227
Description =
Error - 07.12.2010 12:19:33 | Computer Name = Vani-PC | Source = RasClient | ID = 20227
Description =
Error - 07.12.2010 15:17:36 | Computer Name = Vani-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder
Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
in Zeile 2. Ungültige XML-Syntax.
Error - 11.12.2010 10:28:42 | Computer Name = Vani-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder
Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
in Zeile 2. Ungültige XML-Syntax.
Error - 17.12.2010 15:02:27 | Computer Name = Vani-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder
Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
in Zeile 2. Ungültige XML-Syntax.
Error - 19.12.2010 07:59:16 | Computer Name = Vani-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder
Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
in Zeile 2. Ungültige XML-Syntax.
Error - 21.12.2010 07:36:11 | Computer Name = Vani-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder
Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
in Zeile 2. Ungültige XML-Syntax.
Error - 28.12.2010 08:30:54 | Computer Name = Vani-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder
Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
in Zeile 2. Ungültige XML-Syntax.
Error - 28.12.2010 18:14:30 | Computer Name = Vani-PC | Source = Application Hang | ID = 1002
Description = Programm WINWORD.EXE, Version 12.0.6545.5000 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 558 Startzeit: 01cba684619fe539 Endzeit: 0 Anwendungspfad: C:\Program
Files\Microsoft Office\Office12\WINWORD.EXE Berichts-ID:
[ OSession Events ]
Error - 07.01.2010 12:37:07 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 9847 seconds with 3900 seconds of active time. This session ended with a
crash.
Error - 14.01.2010 06:31:52 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 5575 seconds with 780 seconds of active time. This session ended with a
crash.
Error - 22.01.2010 11:09:45 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 12455 seconds with 6420 seconds of active time. This session ended with
a crash.
Error - 10.03.2010 06:23:20 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 3114 seconds with 2460 seconds of active time. This session ended with a
crash.
Error - 09.04.2010 16:16:14 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7849
seconds with 5520 seconds of active time. This session ended with a crash.
Error - 13.05.2010 09:53:36 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 482
seconds with 60 seconds of active time. This session ended with a crash.
Error - 09.07.2010 14:49:00 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 37246
seconds with 25440 seconds of active time. This session ended with a crash.
Error - 05.11.2010 14:55:50 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5657
seconds with 4680 seconds of active time. This session ended with a crash.
Error - 21.11.2011 05:49:40 | Computer Name = Vani-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1389
seconds with 900 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10.02.2012 07:39:48 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:40:28 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:40:28 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:40:28 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:44:46 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:44:46 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:44:46 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:45:28 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:45:28 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 10.02.2012 07:45:28 | Computer Name = Vani-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
--- --- --- |
