Hi Markus,
danke für Deine schnelle Antwort.
Hier meine Daten: OTL.txt:OTL Logfile: Code:
OTL logfile created on: 8/17/2012 4:29:57 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\RayVanTekk\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.18 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 48.76% Memory free
6.35 Gb Paging File | 4.25 Gb Available in Paging File | 66.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 565.07 Gb Total Space | 127.96 Gb Free Space | 22.65% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 9.61 Gb Free Space | 32.05% Space Free | Partition Type: NTFS
Computer Name: RAYVANTEKK-PC | User Name: RayVanTekk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/08/17 16:26:12 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\RayVanTekk\Desktop\OTL.exe
PRC - [2012/07/18 18:04:42 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/07/18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/07/18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/07/18 18:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/07/27 07:05:14 | 001,620,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/06/21 21:53:44 | 000,436,264 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2010/06/02 15:42:18 | 001,481,320 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2010/05/10 20:28:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/05/10 20:28:50 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/04/27 09:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/04/03 01:27:32 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/14 19:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2009/12/11 23:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\OSD.exe
PRC - [2009/11/07 11:46:52 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/10/23 01:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2009/06/26 15:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/07/26 15:27:00 | 000,010,856 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010/06/29 10:31:12 | 000,652,800 | ---- | M] () -- C:\PROGRA~1\IZArc\IZArcCM.dll
MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/07/22 17:22:20 | 000,249,856 | ---- | M] () -- C:\Program Files\ScanWizard 5\SFRes.dll
MOD - [2009/06/26 15:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe
========== Win32 Services (SafeList) ==========
SRV - [2012/08/16 17:21:52 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/18 18:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/07/18 18:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/09/01 15:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010/07/27 07:05:14 | 001,620,584 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/05/10 20:28:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/05/10 20:28:50 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/07 11:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - [2009/10/23 01:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2012/07/18 18:04:42 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/07/18 18:04:42 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/07/18 18:04:42 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/26 15:27:00 | 010,325,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/07/26 15:27:00 | 000,019,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2010/06/21 08:14:36 | 000,246,272 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/24 14:46:34 | 000,193,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/05/10 20:28:49 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2010/04/27 08:28:46 | 000,146,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/04/27 08:27:50 | 000,064,904 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010/04/27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/04 16:53:08 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/02/26 22:01:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/01/26 11:49:46 | 000,385,544 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/01/26 11:49:44 | 000,034,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2009/08/13 07:39:40 | 000,786,400 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mod7700.sys -- (mod7700)
DRV - [2009/05/13 20:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009/05/13 20:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2009/02/20 18:09:16 | 000,044,032 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GigasetGenericUSB.sys -- (GigasetGenericUSB)
DRV - [2007/08/13 03:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\XXX RayVanTekk XXX
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://medion.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.aldi.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login?.src=fpctx&.intl=de&.done=http%3A%2F%2Fde.yahoo.com%2F&.pd=c%3D6T7evjap2e6CwWSb86QVdqk-
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?hl=de&rlz=1I7GGHP_de&q={searchTerms}&btnG=Suche&aq=f&aqi=g10&aql=&oq=
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\..\SearchScopes\{FE2AFE99-C4F5-40B5-A18A-C0C2CC644058}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\RayVanTekk\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/04/26 18:38:38 | 000,000,000 | ---D | M]
========== Chrome ==========
O1 HOSTS File: ([2012/03/15 17:30:28 | 000,000,917 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" File not found
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKCU..\Run: [UpgradeHelper] C:\Users\RayVanTekk\AppData\Roaming\Media Player Classic\{74CA4F2B-5085-4DDA-BE89-B727D4A0AE23}\UpgradeHelper.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} hxxp://ua.foto.com/ImageUploader6.cab (Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91734A2F-C336-4BE9-8362-AA7479B0E354}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B7DP0lwl-gyOj-zQe1-T8DI-cr3qllv4OfBp} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/08/17 16:26:12 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\RayVanTekk\Desktop\OTL.exe
[2012/08/17 14:50:29 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{B61978DA-08B7-4E99-A150-89B25BE99DE5}
[2012/08/17 14:50:17 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{66A27FC8-BD06-4711-8903-9A53CE8C55F1}
[2012/08/16 16:58:57 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{91B553F7-A397-4A6E-AD7D-2CE548651452}
[2012/08/16 16:58:44 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{CB21BE91-1E0B-4E61-A42E-6F4963F34EA6}
[2012/08/15 06:40:06 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{6C117BFD-68CA-4321-B9B4-D070C581398C}
[2012/08/15 06:39:52 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{E9209878-CA67-41D4-A4D6-38A871665A8C}
[2012/08/14 18:07:38 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Roaming\Avira
[2012/08/14 18:06:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/14 18:05:56 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012/08/14 18:05:55 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/08/14 18:05:55 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/08/14 18:05:55 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/08/14 18:05:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/08/14 18:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/08/14 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{4E78015C-A1A0-46D3-8424-566898912F9F}
[2012/08/14 16:13:30 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{5532B7CC-DFDE-49E9-B240-5DCD29F8ED8A}
[2012/08/14 15:50:15 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{E22998CD-B8EA-4279-88C5-6057E63764BD}
[2012/08/13 18:20:23 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{A7E91F33-6F9D-46E9-BE5A-1544B215FC90}
[2012/08/13 18:20:10 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{6834FF5F-7EC9-4D69-BF60-79E907BB067C}
[2012/08/11 12:58:19 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Roaming\Help
[2012/08/11 12:54:13 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Roaming\TeamViewer
[2012/08/11 12:54:13 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Roaming\Media Player Classic
[2012/08/11 10:09:45 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{3E111757-7C2E-4E5A-A91E-47C1CFC9378D}
[2012/08/11 10:09:32 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{B1BC962B-A960-4983-BE95-35ED9B79D562}
[2012/08/10 18:26:10 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{BA736320-830D-4F49-AACB-916D29A910DE}
[2012/08/10 18:25:57 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{8E21BA9D-EC30-4D8A-A7D7-C55367970968}
[2012/08/10 06:25:28 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{CBD71243-6295-4246-B51F-78A461D398A7}
[2012/08/10 06:25:16 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{D6199E82-AF82-4E49-9D19-0FEC6330D08B}
[2012/08/09 17:02:32 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{253106CF-9EAB-412A-A789-5C1C4A09F5E4}
[2012/08/09 17:02:21 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{7D7ED268-C35B-4215-ACCA-1B423B0F66DB}
[2012/08/08 13:16:57 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{380315E4-B79F-42B1-81CC-713C6BB8E9E5}
[2012/08/08 13:16:42 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{8E0BFF51-45A7-423E-A68F-0F2AFFB39916}
[2012/08/07 17:03:29 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{A257AF3A-BDCA-47E4-A85D-A371C300DAA6}
[2012/08/07 17:03:17 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{A901FA9C-3B2C-47CE-87F9-8B7C9A739521}
[2012/08/06 11:41:21 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{9FD62764-D0ED-41E3-A2CB-90EA7ED4C5DD}
[2012/08/06 11:41:08 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{517FF98D-6840-48EC-B58E-84ACD269A452}
[2012/08/03 16:07:43 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{09E91ED6-4B73-4870-8ECB-08E3FA97D422}
[2012/08/03 16:07:30 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{71C37A0B-96D9-4F5F-B760-50426F267CBE}
[2012/08/02 19:57:53 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{40E91BB5-A570-4E55-8865-8566E5217487}
[2012/08/02 19:57:41 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{B03EB83D-E22E-4BE7-BAA7-50E51213E24F}
[2012/08/02 06:25:05 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{CAB9F045-0FDD-4F06-8C3D-A2C0783317A0}
[2012/08/02 06:24:53 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{FF15FDC4-D0E9-4135-AF8B-B22F393DFFA0}
[2012/08/01 16:24:41 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{2697E8D8-B744-4620-8C07-8AECF443837C}
[2012/08/01 16:24:26 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{F8D005D7-C758-45F7-B1FE-0F8EF279CB08}
[2012/07/30 18:02:08 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{E200372F-8064-485B-8C71-5B67B111083E}
[2012/07/30 18:01:55 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{E6E57BC2-5013-43C0-82D3-7611F47DC50E}
[2012/07/29 17:18:54 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{59FCA466-6312-4115-AF0B-FFA491AF75A2}
[2012/07/29 17:18:42 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{14E2281B-0595-428D-B949-1D64E67DEC81}
[2012/07/28 13:07:59 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{F267587B-3008-49CB-BFB5-B8A6F63B4E3F}
[2012/07/28 13:07:47 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{A74D6C1E-9364-4CD9-9777-041D46E93747}
[2012/07/27 16:12:55 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{3D37FAE1-1162-4D50-8E86-33842DAEB928}
[2012/07/27 16:12:43 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{266E2BAF-40FF-4430-9A58-0DDD11A6206C}
[2012/07/26 15:26:07 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{ABF0A2AA-2FD5-4EAD-BD5E-908A6FB1DC15}
[2012/07/26 15:25:55 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{3A8DA619-77B9-440E-BEFD-306D51E51890}
[2012/07/25 17:51:30 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{BB2C99B4-0DFF-4595-B10C-298C1CD961FD}
[2012/07/25 17:51:18 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{E2E62682-F71E-4AE5-BFE5-0D4386DBE233}
[2012/07/24 10:28:49 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{6E82C6C5-BC10-4248-819A-35F92356430D}
[2012/07/24 10:28:35 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{8E702604-E04B-4F64-AE38-2509857805E8}
[2012/07/23 07:51:45 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{4CCAB141-44AF-4011-B4EC-3A16FA214F12}
[2012/07/23 07:51:33 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{B64CBA58-C2AA-49FE-BA96-C8669D0423EA}
[2012/07/22 16:21:17 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{6EBCCDE9-3723-4027-BFC6-287D3D2A9CF8}
[2012/07/22 16:21:00 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{928168D4-86DF-44DC-AD8A-637FDA11C0D0}
[2012/07/20 09:18:56 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{D1D48E29-4FFE-48AE-A4B9-77C914DC892D}
[2012/07/20 09:18:42 | 000,000,000 | ---D | C] -- C:\Users\RayVanTekk\AppData\Local\{0CE9587A-FCDD-40A5-9E4D-A24EBF96750B}
[2010/11/10 20:15:29 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\RayVanTekk\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\RayVanTekk\AppData\Roaming\*.tmp files -> C:\Users\RayVanTekk\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/17 16:34:53 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/17 16:34:53 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/17 16:28:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/17 16:26:12 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\RayVanTekk\Desktop\OTL.exe
[2012/08/17 16:21:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/17 14:54:48 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/17 14:54:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/17 14:53:59 | 2558,595,072 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/17 14:48:08 | 003,813,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/16 19:27:04 | 000,000,034 | ---- | M] () -- C:\Windows\cdplayer.ini
[2012/08/16 17:33:41 | 000,657,938 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/08/16 17:33:41 | 000,619,184 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/16 17:33:41 | 000,131,296 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/08/16 17:33:41 | 000,107,504 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/15 15:02:35 | 000,077,763 | ---- | M] () -- C:\Windows\FontData.fdb
[2012/08/09 22:44:27 | 105,944,494 | ---- | M] () -- C:\00_Rays_PARTY_Mix 3.mp3
[2012/07/18 18:04:42 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/07/18 18:04:42 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/07/18 18:04:42 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\RayVanTekk\AppData\Roaming\*.tmp files -> C:\Users\RayVanTekk\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/08/11 13:12:38 | 105,944,494 | ---- | C] () -- C:\00_Rays_PARTY_Mix 3.mp3
[2012/04/13 11:09:23 | 000,000,016 | ---- | C] () -- C:\Users\RayVanTekk\AppData\Roaming\blckdom.res
[2011/08/09 13:07:49 | 000,000,132 | ---- | C] () -- C:\Users\RayVanTekk\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2011/06/10 15:04:13 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/06/10 15:04:13 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/06/03 12:31:05 | 000,004,096 | -H-- | C] () -- C:\Users\RayVanTekk\AppData\Local\keyfile3.drm
[2011/04/08 16:20:33 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/03/21 18:12:36 | 000,000,035 | ---- | C] () -- C:\Windows\Ulead32.INI
[2011/03/21 18:08:16 | 000,285,216 | ---- | C] () -- C:\Windows\System32\drivers\Onsio.sys
[2011/03/21 18:08:16 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\Onsreged.sys
[2011/02/11 19:10:50 | 000,874,048 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010/12/27 16:57:19 | 000,005,632 | ---- | C] () -- C:\Users\RayVanTekk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/18 19:20:28 | 000,195,360 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/11/10 20:15:29 | 000,087,608 | ---- | C] () -- C:\Users\RayVanTekk\AppData\Roaming\inst.exe
[2010/11/10 20:15:29 | 000,007,887 | ---- | C] () -- C:\Users\RayVanTekk\AppData\Roaming\pcouffin.cat
[2010/11/10 20:15:29 | 000,001,144 | ---- | C] () -- C:\Users\RayVanTekk\AppData\Roaming\pcouffin.inf
[2010/11/03 19:51:13 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/11/02 22:07:08 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2010/10/31 17:09:12 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/10/31 16:58:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/10/31 16:47:32 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
========== LOP Check ==========
[2011/09/20 13:20:23 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Audacity
[2010/11/04 17:38:28 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Auslogics
[2011/07/15 16:36:10 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\FreeAudioPack
[2012/04/13 11:09:15 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\kock
[2011/08/15 11:38:46 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Publish Providers
[2011/12/28 21:21:33 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\redsn0w
[2011/06/10 15:46:57 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Samsung
[2011/09/20 13:24:27 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Software4u
[2010/11/09 19:07:13 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Sony
[2012/06/05 19:59:27 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Sony Creative Software
[2011/08/11 19:40:53 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/08/15 14:37:02 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\TeamViewer
[2012/04/13 11:09:16 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\UAs
[2011/11/07 19:26:49 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Vso
[2011/02/10 17:41:23 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Wi-Fi Sync
[2012/04/01 14:36:04 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\WinAVI
[2011/08/17 15:46:21 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\Xilisoft
[2012/04/13 11:09:24 | 000,000,000 | ---D | M] -- C:\Users\RayVanTekk\AppData\Roaming\xmldm
[2012/07/24 10:27:10 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010/12/21 10:48:42 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010/11/04 17:38:48 | 000,000,000 | ---D | M] -- C:\archive_db
[2012/08/17 14:45:31 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2010/10/31 14:43:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010/08/09 05:44:54 | 000,000,000 | ---D | M] -- C:\Intel
[2012/04/13 14:41:49 | 000,000,000 | ---D | M] -- C:\Kaspersky Rescue Disk 10.0
[2010/10/31 16:54:19 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012/08/14 18:05:51 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/08/14 18:05:51 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010/10/31 14:43:27 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012/08/17 16:33:46 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010/10/31 14:51:28 | 000,000,000 | R--D | M] -- C:\Users
[2012/08/15 15:02:35 | 000,000,000 | ---D | M] -- C:\Windows
[2012/08/17 16:29:15 | 000,000,000 | ---D | M] -- C:\XXX RayVanTekk XXX
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2008/06/06 22:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTOR.SYS >
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\drivers\iaStor.sys
[2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_e8a55be84650e755\iaStor.sys
< MD5 for: IASTORV.SYS >
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2011/04/25 22:05:27 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011/04/25 22:05:27 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
< %USERPROFILE%\*.* >
[2012/08/17 16:35:21 | 003,407,872 | -HS- | M] () -- C:\Users\RayVanTekk\ntuser.dat
[2012/08/17 16:35:21 | 000,262,144 | -HS- | M] () -- C:\Users\RayVanTekk\ntuser.dat.LOG1
[2010/10/31 14:51:30 | 000,000,000 | -HS- | M] () -- C:\Users\RayVanTekk\ntuser.dat.LOG2
[2010/11/02 22:15:23 | 000,065,536 | -HS- | M] () -- C:\Users\RayVanTekk\ntuser.dat{1b0eb4ec-e6c3-11df-b1aa-74f06d0b72dc}.TM.blf
[2010/11/02 22:15:23 | 000,524,288 | -HS- | M] () -- C:\Users\RayVanTekk\ntuser.dat{1b0eb4ec-e6c3-11df-b1aa-74f06d0b72dc}.TMContainer00000000000000000001.regtrans-ms
[2010/11/02 22:15:23 | 000,524,288 | -HS- | M] () -- C:\Users\RayVanTekk\ntuser.dat{1b0eb4ec-e6c3-11df-b1aa-74f06d0b72dc}.TMContainer00000000000000000002.regtrans-ms
[2010/10/31 15:01:18 | 000,065,536 | -HS- | M] () -- C:\Users\RayVanTekk\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/10/31 15:01:18 | 000,524,288 | -HS- | M] () -- C:\Users\RayVanTekk\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/10/31 15:01:18 | 000,524,288 | -HS- | M] () -- C:\Users\RayVanTekk\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/10/31 14:51:30 | 000,000,020 | -HS- | M] () -- C:\Users\RayVanTekk\ntuser.ini
[2012/03/15 17:30:21 | 000,063,624 | ---- | M] () -- C:\Users\RayVanTekk\umbrella0.log
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
< End of report >
--- --- --- Extras.txt:OTL Logfile: Code:
OTL Extras logfile created on: 8/17/2012 4:29:57 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\RayVanTekk\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.18 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 48.76% Memory free
6.35 Gb Paging File | 4.25 Gb Available in Paging File | 66.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 565.07 Gb Total Space | 127.96 Gb Free Space | 22.65% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 9.61 Gb Free Space | 32.05% Space Free | Partition Type: NTFS
Computer Name: RAYVANTEKK-PC | User Name: RayVanTekk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0359218B-078F-4CBD-969B-E6D2A8B8CB12}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{04B8C552-981D-499F-87B5-79B116FEAC91}" = lport=138 | protocol=17 | dir=in | app=system |
"{0F46953B-E6B2-4D3A-8427-C84BD905AFAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{12436773-A56A-4D7B-A1F5-CFB0FAFB8AAD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13F45054-9A91-4B78-920B-A10ACB722778}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1B1A66A7-F669-446A-A991-642244D976D1}" = rport=139 | protocol=6 | dir=out | app=system |
"{20727FCA-26E0-4062-885E-DF071877BD35}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2723EC39-1647-42EA-AD73-F57296C6D01A}" = lport=35722 | protocol=6 | dir=in | name=photosync |
"{272F3FBE-D506-4685-B2CB-BCDFD8B8FEF8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{314243FC-A871-4B3E-8C95-5FE767E497D0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{37DF3654-8BC1-4E06-B28E-F2112741AB2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B3F0574-17BA-4479-A3EC-998826F8FA38}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3C7AADAC-1A79-4DF0-82DF-4DC7F8075C8A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3D22229E-9D7C-4F83-B0E8-F7838F1EC209}" = rport=2869 | protocol=6 | dir=out | app=system |
"{45555F08-1FD3-4928-AE9C-9B614CB91B2B}" = rport=137 | protocol=17 | dir=out | app=system |
"{4564289D-9566-40DD-9888-EC861AD3912A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4B1D221A-18FB-4A3B-93FF-F8B372C1E487}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E68A7CC-4664-4EC3-A5CD-A6E804895AD1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5343C218-A1A3-480F-97A8-85B64B9B5A4B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{562DB0FB-D8F4-46AB-AEEC-EC6BF63D8B69}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56C1A1E4-8A7F-4F3E-B300-EE30CC8033CC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{57489817-5CEA-4D5E-8BF4-0565008931FA}" = rport=445 | protocol=6 | dir=out | app=system |
"{5A7B3AD8-CD33-4FE6-8320-7B0DB990BECE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AA65412-0009-4793-9866-5FAE3609A7C7}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5B090ADD-949B-4C54-A7F5-C81399504338}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{62D500E9-07F3-4A45-858C-3B46143263B5}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6D09351C-BD3E-45A2-88DE-007FA95AF312}" = rport=138 | protocol=17 | dir=out | app=system |
"{77244E66-CDBC-44BE-AAD9-4F5D7260F8DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{792EB366-DF4B-4177-870B-D3897BC2CABD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{834CBD71-493A-493D-860C-FE4DFF3361DA}" = lport=137 | protocol=17 | dir=in | app=system |
"{83B48D1F-63CD-4282-A2F0-67ACE77491C2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8418D67E-8F51-48E2-8CEF-D4A6FC9FC7C5}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{9B09F2AC-2092-458F-A1C4-7C26826E01F0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9C2C2920-483A-4D80-8246-C28CF3FFE31F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAC7B23B-B96C-43BB-9FD4-227D22E2BF3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B7096E79-524C-4198-ADAA-96EFFD63A2C2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BD379AB5-E236-494B-8094-6541DC5D0C37}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CF22324A-46B5-477D-B683-DD7A4A9CDD91}" = lport=445 | protocol=6 | dir=in | app=system |
"{E38E0DBC-04ED-4184-B067-0C5FF5B3582B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E3EE606A-A97F-4BE4-9C8A-40864FE751E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{E6B77709-C81F-4426-B76A-83D815645014}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F55F5903-5F57-4422-9672-13AA2F2C54CA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F97EE74A-6397-4E4F-BAB2-B59F41AB5F1A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FD297A89-C138-45A0-B98B-0B796553C1B0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09D39C60-1F2C-42F9-BB7F-0CF9F62C350D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{101694CC-978D-4204-AF2E-84C24C6CE28B}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{18162D81-2988-49BA-9A98-9936F50AFAFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1CA26F20-472B-462D-B8C9-AA83A6227F19}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{1D696AE4-88CB-48F6-9734-716D6B54F587}" = protocol=6 | dir=in | app=c:\program files\software4u\iphone explorer\software4u.iphoneexplorer.exe |
"{1FD7AE8C-CF1C-4FC6-B910-7CFDD22A5610}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{31C13305-98C5-440D-8D16-D21B85CE07F9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{358C0296-CBB3-4D71-ABA8-BC0F1C46DC1C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{359F6527-F378-4CD7-872D-2CCF04D20391}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3DE496C8-BF14-4515-BC16-53E2568F221B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3E358556-5A35-46EB-B7B6-3C96AE5607B1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{51D9E062-BC3E-460A-9DA1-EC00C0E61AFB}" = protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvidia updatus\daemonu.exe |
"{53AE13B9-711C-4EBC-8F48-AEB024E47E5B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{58A771E3-64FB-4743-BFEF-BB106E0D6E51}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5C92C0C5-4812-4263-90BE-3E962A214C5C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{600AECBD-802A-4934-947B-715C31EA8BB6}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{625C91B8-0342-4013-A059-BC58F5ECF94B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{6341517A-DE4C-413D-A1DB-A18D7416761C}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{700F8678-104F-4242-AEF2-947AA10DECC5}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{723B0637-366C-4656-A5FD-0C7A6C8C38EF}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{7322A46F-9BA8-4662-8F29-EB1C7D95FF44}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{776F6E94-BD5A-4FEE-BFFA-4EA366BEE05E}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{8AEB56C4-18E9-4828-8257-7533303A7B7B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9532341E-D6EE-43CA-B1A1-AF3EB5182E59}" = protocol=17 | dir=in | app=c:\program files\software4u\iphone explorer\software4u.iphoneexplorer.exe |
"{967BB4E1-1EEF-40B2-BBD8-BCA977DF6D74}" = protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvidia updatus\daemonu.exe |
"{A13F12D4-E5A6-4C77-B9BA-B412FA97305F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AEEBD893-C1B5-404B-9CD1-A21A2C307760}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{AFEFD93F-8C8C-4B7B-9773-CF1EBB58CEE4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5168D38-E567-4C41-B36F-2BCE6A87304F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BB9D324F-5EF6-4184-83DC-41E053EFB892}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BDB1FC41-FC64-41AF-A5CB-603F92A6019C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BFB8F565-09B7-4EB3-B44D-554FC8813B66}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C0319574-FD4D-42B5-81D3-E968388BE530}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{C8628917-B6BD-4547-B873-7E21E808434C}" = protocol=6 | dir=out | app=system |
"{C9857F4C-6FD6-4888-A7E1-B0B86B03FE70}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{D8DFEF60-8FA3-4C43-AE79-9B6773E144AB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E530D2E1-94FB-4CDD-8DFB-FFBA9521F656}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E6827C26-CD5A-4771-9324-5662D282C931}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F6B752EF-6C4F-4212-B809-3878E2A980F1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F7CF2FA2-21D4-47A5-A799-0E374141D1C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{01378D08-C8F1-4A14-9C87-D7FD5AEEA3C5}C:\program files\wi-fi sync\wifisync.exe" = protocol=6 | dir=in | app=c:\program files\wi-fi sync\wifisync.exe |
"TCP Query User{0F09D01D-279B-4830-96C7-BD3D2A57EA95}C:\xxx rayvantekk xxx\redsn0w_win_0.9.10b1\redsn0w.exe" = protocol=6 | dir=in | app=c:\xxx rayvantekk xxx\redsn0w_win_0.9.10b1\redsn0w.exe |
"TCP Query User{0F699AC0-0EB0-4AF7-B814-EA4E9CC4666F}C:\program files\cue.play.setlist\cue.play.setlist.exe" = protocol=6 | dir=in | app=c:\program files\cue.play.setlist\cue.play.setlist.exe |
"TCP Query User{55591D95-7D1C-45C0-821D-938E0A0FD78A}C:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\tinyumbrella-5.10.03.exe" = protocol=6 | dir=in | app=c:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\tinyumbrella-5.10.03.exe |
"TCP Query User{63EB6C82-BD21-4E6F-9615-C319D1E126BE}F:\iphone\jailbreak-tools\tinyumbrella\tinyumbrella-5.00.06.exe" = protocol=6 | dir=in | app=f:\iphone\jailbreak-tools\tinyumbrella\tinyumbrella-5.00.06.exe |
"TCP Query User{6DD30AF9-F0B5-432B-811D-BDA29C869C8F}C:\xxx rayvantekk xxx\tinyumbrella-4.1.12.exe" = protocol=6 | dir=in | app=c:\xxx rayvantekk xxx\tinyumbrella-4.1.12.exe |
"TCP Query User{97B7E3F5-B90A-4C98-B47F-CCD4734B6750}C:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\umbrella-4.1.6.exe" = protocol=6 | dir=in | app=c:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\umbrella-4.1.6.exe |
"TCP Query User{9B197FF4-D071-4DD4-8692-E951C1FB2F3B}C:\xxx rayvantekk xxx\tinyumbrella-5.10.03.exe" = protocol=6 | dir=in | app=c:\xxx rayvantekk xxx\tinyumbrella-5.10.03.exe |
"TCP Query User{CCDFF50F-221F-45F7-94AE-502D553C40F0}C:\program files\wi-fi sync\wifisync.exe" = protocol=6 | dir=in | app=c:\program files\wi-fi sync\wifisync.exe |
"TCP Query User{ED5D97FC-C563-4AAD-AD29-A97C1E9A7780}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0E6F33F3-B216-43DE-84F5-C4CCA5BB07CF}C:\xxx rayvantekk xxx\tinyumbrella-5.10.03.exe" = protocol=17 | dir=in | app=c:\xxx rayvantekk xxx\tinyumbrella-5.10.03.exe |
"UDP Query User{1773EB93-55DC-4440-90ED-61BC052639BF}C:\xxx rayvantekk xxx\redsn0w_win_0.9.10b1\redsn0w.exe" = protocol=17 | dir=in | app=c:\xxx rayvantekk xxx\redsn0w_win_0.9.10b1\redsn0w.exe |
"UDP Query User{2C548110-CBEC-4089-9864-0F8A80C591C1}C:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\tinyumbrella-5.10.03.exe" = protocol=17 | dir=in | app=c:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\tinyumbrella-5.10.03.exe |
"UDP Query User{31FBBDEC-6A31-46A1-B799-00C57F2796BE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4FD00C57-465A-4AEB-9858-88B4A90C4DC8}C:\program files\cue.play.setlist\cue.play.setlist.exe" = protocol=17 | dir=in | app=c:\program files\cue.play.setlist\cue.play.setlist.exe |
"UDP Query User{5002EC72-B65D-4C34-991B-8E28C995DBEF}C:\program files\wi-fi sync\wifisync.exe" = protocol=17 | dir=in | app=c:\program files\wi-fi sync\wifisync.exe |
"UDP Query User{56A0DA74-BA61-4170-A158-4AE9E55A32CE}C:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\umbrella-4.1.6.exe" = protocol=17 | dir=in | app=c:\xxx rayvantekk xxx\ralf\iphone 4\jailbreak\umbrella-4.1.6.exe |
"UDP Query User{77E5C598-B7A5-4D09-99B6-139C57A99F7F}F:\iphone\jailbreak-tools\tinyumbrella\tinyumbrella-5.00.06.exe" = protocol=17 | dir=in | app=f:\iphone\jailbreak-tools\tinyumbrella\tinyumbrella-5.00.06.exe |
"UDP Query User{9C944177-C2CC-45D5-B534-F4C2B3112330}C:\program files\wi-fi sync\wifisync.exe" = protocol=17 | dir=in | app=c:\program files\wi-fi sync\wifisync.exe |
"UDP Query User{D0034422-5236-4F84-9310-6CE42FEE8771}C:\xxx rayvantekk xxx\tinyumbrella-4.1.12.exe" = protocol=17 | dir=in | app=c:\xxx rayvantekk xxx\tinyumbrella-4.1.12.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}" = ABBYY FineReader OCR Engine für ScanWizard
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F9170C9-A7C2-408F-A4D8-EC77250040BF}" = Sound Forge Pro 10.0
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.2
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAE541BB-A2D0-4034-A024-96197B356040}" = Cue.Play.SetList
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira Free Antivirus
"CDex" = CDex - Open Source Digital Audio CD Extractor
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"dm-Fotowelt" = dm-Fotowelt
"DVDFab 8 Qt_is1" = DVDFab 8.1.3.2 (31/10/2011) Qt
"Font Xplorer" = Font Xplorer 1.2.2
"HaaliMkx" = Haali Media Splitter
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Testversion)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA.Updatus" = NVIDIA Updatus
"PC Wizard 2010_is1" = PC Wizard 2010.1.95
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinAVI All in One Converter" = WinAVI All in One Converter
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"X10Hardware" = X10 Hardware(TM)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 17
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 18
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
Error - 2/26/2012 2:48:30 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
Error - 2/26/2012 2:50:52 PM | Computer Name = RayVanTekk-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(7c:c5:37:78:de:c1@fe80::7ec5:37ff:fe78:dec1._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 2/27/2012 2:25:52 PM | Computer Name = RayVanTekk-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 2/29/2012 1:04:41 PM | Computer Name = RayVanTekk-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
[ System Events ]
Error - 8/17/2012 9:46:23 AM | Computer Name = RayVanTekk-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b
Error - 8/17/2012 9:48:14 AM | Computer Name = RayVanTekk-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 8/17/2012 9:48:27 AM | Computer Name = RayVanTekk-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus Uim_IM
Error - 8/17/2012 9:48:30 AM | Computer Name = RayVanTekk-PC | Source = ipnathlp | ID = 34001
Description =
Error - 8/17/2012 9:48:30 AM | Computer Name = RayVanTekk-PC | Source = ipnathlp | ID = 30013
Description =
Error - 8/17/2012 9:49:44 AM | Computer Name = RayVanTekk-PC | Source = ipnathlp | ID = 31004
Description =
Error - 8/17/2012 9:54:47 AM | Computer Name = RayVanTekk-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 8/17/2012 9:55:30 AM | Computer Name = RayVanTekk-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus Uim_IM
Error - 8/17/2012 9:56:01 AM | Computer Name = RayVanTekk-PC | Source = ipnathlp | ID = 34001
Description =
Error - 8/17/2012 9:56:01 AM | Computer Name = RayVanTekk-PC | Source = ipnathlp | ID = 30013
Description =
< End of report >
--- --- ---
Danke und Gruss
Ralf |
