Hier sind die Logs:
OTL Logfile: Code:
OTL logfile created on: 15.05.2013 18:54:28 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lea2\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 34,63% Memory free
5,50 Gb Paging File | 3,13 Gb Available in Paging File | 56,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919,41 Gb Total Space | 815,01 Gb Free Space | 88,64% Space Free | Partition Type: NTFS
Drive E: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: LEA-PC | User Name: Lea2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Lea2\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Programme\eMachines\eMachines Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
PRC - C:\Users\Lea2\AppData\Local\Temp\{22B2EF27-260B-45CD-8F84-8EFB35D617F2}\Bottom TB Shadow.exe ()
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Users\Lea2\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\wincfi39.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Lea2\AppData\Local\Temp\{22B2EF27-260B-45CD-8F84-8EFB35D617F2}\Bottom TB Shadow.exe ()
========== Services (SafeList) ==========
SRV:64bit: - (WTService) -- C:\Windows\SysNative\atwtusb.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (Greg_Service) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\eMachines\eMachines Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds64.sys (Symantec Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (vhidmini) -- C:\Windows\SysNative\drivers\walvhid.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (moufiltr) -- C:\Windows\SysNative\drivers\moufiltr.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130502.001\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130515.003\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130515.003\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130514.001\IDSviA64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (AFS) -- C:\Windows\SysWow64\drivers\AFS.SYS (Oak Technology Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASPI) -- C:\Windows\SysWOW64\drivers\ASPI32.SYS (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\zbani: "URL" = hxxp://home.zbani.com/en/get/{searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=el1332&r=17360410sn06973954si58h9i2733n
IE - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACEW_deDE375
IE - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: firefox@ghostery.com:2.9.3
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013.05.15 17:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013.03.07 11:58:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.21 20:23:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.02 11:48:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.21 20:23:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.02 11:48:59 | 000,000,000 | ---D | M]
[2012.02.04 20:17:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lea\AppData\Roaming\Mozilla\Extensions
[2013.03.26 16:15:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lea2\AppData\Roaming\mozilla\Firefox\Profiles\fjd5fgsl.default\extensions
[2013.03.26 16:15:26 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Lea2\AppData\Roaming\mozilla\Firefox\Profiles\fjd5fgsl.default\extensions\firefox@ghostery.com
[2012.12.19 17:37:29 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\Lea2\AppData\Roaming\mozilla\firefox\profiles\fjd5fgsl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.17 21:28:44 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Lea2\AppData\Roaming\mozilla\firefox\profiles\fjd5fgsl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.27 20:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.27 20:05:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.17 09:16:59 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.18 19:28:19 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.17 09:16:59 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.28 19:11:11 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2010.09.28 18:14:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchstonicde.xml
[2012.06.17 09:16:59 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 09:16:59 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 09:16:59 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=a8f6ee7b00000000000000236902e81c&tlver=1.4.19.19&affID=17159
O1 HOSTS File: ([2012.07.16 20:16:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MacroKeyManager] WTMKM.exe File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1006..\RunOnce: [ScrSav] C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe ()
O4 - Startup: C:\Users\Lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = File not found
O4 - Startup: C:\Users\Lea2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\program\quickstart.exe ()
O4 - Startup: C:\Users\Lea2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = File not found
O4 - Startup: C:\Users\Lea2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TB Shadow.lnk = C:\Users\Lea2\Documents\Styles\Bottom TB Shadow.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://myoffice.suedleasing.de/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.191.74.19 62.109.123.197
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3ED23980-5D4A-47C4-A4E1-E7115121792E}: DhcpNameServer = 213.191.74.19 62.109.123.197
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2364204294-1336410954-2551016912-1005 Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.26 09:00:09 | 000,122,880 | R--- | M] (VisualArt's) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.12.10 08:42:46 | 000,000,055 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.15 18:52:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lea2\Desktop\OTL.exe
[2013.05.15 18:44:28 | 017,613,192 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.04.29 12:30:27 | 000,000,000 | ---D | C] -- C:\Users\Lea2\Documents\Key
[2013.04.29 12:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Key
[2013.04.23 17:35:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.23 17:35:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.23 17:35:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.23 17:35:35 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.22 20:39:06 | 000,000,000 | ---D | C] -- C:\Users\Lea2\Documents\99% Probability English ver
[2013.04.20 10:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.18 14:39:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.04.18 14:39:14 | 000,000,000 | ---D | C] -- C:\Users\Lea2\Documents\Electronic Arts
[2013.04.18 14:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2013.04.18 14:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2013.04.17 18:38:09 | 000,000,000 | ---D | C] -- C:\Users\Lea2\AppData\Roaming\Gensokyo.org
[2013.04.17 18:37:55 | 000,000,000 | ---D | C] -- C:\Users\Lea2\AppData\Roaming\ShanghaiAlice
[2013.04.17 18:37:13 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.04.17 18:37:13 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.04.17 18:37:13 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.04.17 18:37:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.04.17 18:37:12 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.04.17 18:37:12 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.04.17 18:37:12 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.04.17 18:37:12 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.04.17 18:37:10 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.04.17 18:37:10 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.04.17 18:37:10 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.04.17 18:37:10 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.04.17 18:37:09 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.04.17 18:37:09 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.04.17 18:37:09 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.04.17 18:37:09 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.04.17 18:37:08 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.04.17 18:37:08 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.04.17 18:37:08 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.04.17 18:37:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.04.17 18:37:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.04.17 18:37:00 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.04.17 18:36:59 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.04.17 18:36:59 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.04.17 18:36:54 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.04.17 18:36:54 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.04.17 18:36:51 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.04.17 18:36:51 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.04.17 18:36:50 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.04.17 18:36:50 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.04.17 18:36:49 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.04.17 18:36:49 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.04.17 18:36:48 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.04.17 18:36:48 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013.04.17 18:36:48 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.04.17 18:36:48 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.04.17 18:36:47 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.04.17 18:36:47 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.04.17 18:36:47 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.04.17 18:36:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.04.17 18:36:46 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.04.17 18:36:46 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.04.17 18:36:45 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.04.17 18:36:45 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.04.17 18:36:45 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.04.17 18:36:45 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.04.17 18:36:44 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.04.17 18:36:44 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.04.17 18:36:43 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.04.17 18:36:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.04.17 18:36:43 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.04.17 18:36:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.04.17 18:36:42 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.04.17 18:36:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.04.17 18:36:42 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.04.17 18:36:42 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.04.17 18:36:41 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.04.17 18:36:41 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.04.17 18:36:41 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.04.17 18:36:41 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.04.17 18:36:40 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.04.17 18:36:40 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.04.17 18:36:39 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.04.17 18:36:39 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.04.17 18:36:38 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.04.17 18:36:38 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.04.17 18:36:37 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.04.17 18:36:37 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.04.17 18:36:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.04.17 18:36:37 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.04.17 18:36:36 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.04.17 18:36:34 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.04.17 18:36:34 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.04.17 18:36:34 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.04.17 18:36:34 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.04.17 18:36:33 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.04.17 18:36:33 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.04.17 18:36:33 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.04.17 18:36:33 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.04.17 18:36:32 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.04.17 18:36:32 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.04.17 18:36:32 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.04.17 18:36:32 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.04.17 18:36:31 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.04.17 18:36:31 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.04.17 18:36:30 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.04.17 18:36:30 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.04.17 18:36:28 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.04.17 18:36:28 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.04.17 18:36:28 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.04.17 18:36:28 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.04.17 18:36:28 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.04.17 18:36:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.04.17 18:36:27 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.04.17 18:36:27 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.04.17 18:36:27 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.04.17 18:36:27 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.04.17 18:36:26 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.04.17 18:36:26 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.04.17 18:36:24 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.04.17 18:36:24 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.04.17 18:36:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.04.17 18:36:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.04.17 18:36:22 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.04.17 18:36:22 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.04.17 18:36:21 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.04.17 18:36:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.04.17 18:36:20 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.04.17 18:36:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.04.17 18:36:20 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.04.17 18:36:20 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.04.17 18:36:20 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.04.17 18:36:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.04.17 18:36:19 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.04.17 18:36:19 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.04.17 18:36:19 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.04.17 18:36:19 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.04.17 18:36:18 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.04.17 18:36:18 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.04.17 18:36:18 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.04.17 18:36:18 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.04.17 18:36:18 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.04.17 18:36:18 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.04.17 18:36:17 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.04.17 18:36:17 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.04.17 18:36:16 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.04.17 18:36:16 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.04.17 18:36:16 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.04.17 18:36:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.04.17 18:36:16 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.04.17 18:36:16 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.04.17 18:36:15 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.04.17 18:36:15 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.04.17 18:36:14 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.04.17 18:36:14 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.04.17 18:36:13 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.04.17 18:36:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.04.17 18:36:12 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.04.17 18:36:12 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.04.17 18:36:12 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.04.17 18:36:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.04.17 18:36:12 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.04.17 18:36:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.04.17 18:36:11 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.04.17 18:36:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.04.17 18:36:10 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.04.17 18:36:10 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.04.17 18:36:09 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.04.17 18:36:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.04.17 18:36:08 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.04.17 18:36:08 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.04.17 18:36:07 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.04.17 18:36:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.04.17 18:36:04 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.04.17 18:36:04 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.04.17 18:35:59 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.04.17 18:35:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.04.17 18:35:57 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.04.17 18:35:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.04.17 18:35:57 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.04.17 18:35:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.04.17 18:35:56 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.04.17 18:35:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.04.17 18:35:55 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.04.17 18:35:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.04.17 18:35:54 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.04.17 18:35:54 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.04.17 18:35:53 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.04.17 18:35:53 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.04.17 18:35:52 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.04.17 18:35:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.04.17 18:35:51 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.04.17 18:35:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.04.17 18:30:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.06.02 06:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Users\Lea2\DSETUP.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.15 18:52:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lea2\Desktop\OTL.exe
[2013.05.15 18:45:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.15 18:45:19 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 18:45:18 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.15 18:44:28 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.05.15 18:25:21 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.15 17:33:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.15 17:33:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.15 17:26:49 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.15 17:26:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.15 17:25:52 | 001,930,217 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB
[2013.05.15 17:25:50 | 2213,404,672 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.14 23:28:59 | 000,004,720 | ---- | M] () -- C:\Users\Lea2\Documents\cc_20130514_232850.reg
[2013.05.12 10:43:48 | 000,013,248 | ---- | M] () -- C:\Users\Lea2\Documents\Manga.odt
[2013.05.11 01:26:01 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.11 01:26:01 | 000,633,338 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.11 01:26:01 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.11 01:26:01 | 000,125,730 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.11 01:26:01 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.04 10:44:58 | 000,000,290 | ---- | M] () -- C:\Windows\wininit.ini
[2013.05.02 23:03:35 | 000,002,650 | ---- | M] () -- C:\Users\Lea2\.recently-used.xbel
[2013.04.29 19:26:15 | 000,002,414 | ---- | M] () -- C:\Users\Lea2\Documents\Rewrite.lnk
[2013.04.27 13:43:46 | 000,043,042 | ---- | M] () -- C:\Users\Lea2\Documents\cc_20130427_134340.reg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.14 23:28:56 | 000,004,720 | ---- | C] () -- C:\Users\Lea2\Documents\cc_20130514_232850.reg
[2013.05.02 23:03:35 | 000,002,650 | ---- | C] () -- C:\Users\Lea2\.recently-used.xbel
[2013.04.29 19:25:18 | 000,002,414 | ---- | C] () -- C:\Users\Lea2\Documents\Rewrite.lnk
[2013.04.27 13:43:44 | 000,043,042 | ---- | C] () -- C:\Users\Lea2\Documents\cc_20130427_134340.reg
[2013.04.18 14:38:40 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk
[2013.03.29 15:43:30 | 000,008,229 | ---- | C] () -- C:\Windows\aiptbl.ini
[2013.03.29 14:36:27 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.08.13 12:08:08 | 000,014,217 | ---- | C] () -- C:\Program Files (x86)\readme.html
[2012.07.16 20:01:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.16 20:01:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.07.16 20:01:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.16 20:01:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.16 20:01:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.05.08 15:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\basis-link
[2011.08.23 07:38:19 | 000,000,290 | ---- | C] () -- C:\Windows\wininit.ini
[2011.07.28 12:06:41 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2011.01.04 00:51:05 | 000,000,140 | ---- | C] () -- C:\ProgramData\xlink.sys
[2010.06.02 06:22:54 | 001,412,902 | ---- | C] () -- C:\Users\Lea2\OCT2006_d3dx9_31_x64.cab
[2010.06.02 06:22:54 | 001,127,217 | ---- | C] () -- C:\Users\Lea2\OCT2006_d3dx9_31_x86.cab
[2010.06.02 06:22:54 | 000,273,960 | ---- | C] () -- C:\Users\Lea2\Nov2008_XAudio_x64.cab
[2010.06.02 06:22:54 | 000,272,611 | ---- | C] () -- C:\Users\Lea2\Nov2008_XAudio_x86.cab
[2010.06.02 06:22:54 | 000,182,361 | ---- | C] () -- C:\Users\Lea2\OCT2006_XACT_x64.cab
[2010.06.02 06:22:54 | 000,138,017 | ---- | C] () -- C:\Users\Lea2\OCT2006_XACT_x86.cab
[2010.06.02 06:22:54 | 000,086,037 | ---- | C] () -- C:\Users\Lea2\Oct2005_xinput_x64.cab
[2010.06.02 06:22:54 | 000,045,359 | ---- | C] () -- C:\Users\Lea2\Oct2005_xinput_x86.cab
[2010.06.02 06:22:52 | 001,906,878 | ---- | C] () -- C:\Users\Lea2\Nov2008_d3dx9_40_x64.cab
[2010.06.02 06:22:52 | 001,550,796 | ---- | C] () -- C:\Users\Lea2\Nov2008_d3dx9_40_x86.cab
[2010.06.02 06:22:52 | 000,965,421 | ---- | C] () -- C:\Users\Lea2\Nov2008_d3dx10_40_x86.cab
[2010.06.02 06:22:52 | 000,121,794 | ---- | C] () -- C:\Users\Lea2\Nov2008_XACT_x64.cab
[2010.06.02 06:22:52 | 000,092,684 | ---- | C] () -- C:\Users\Lea2\Nov2008_XACT_x86.cab
[2010.06.02 06:22:52 | 000,054,522 | ---- | C] () -- C:\Users\Lea2\Nov2008_X3DAudio_x64.cab
[2010.06.02 06:22:52 | 000,021,851 | ---- | C] () -- C:\Users\Lea2\Nov2008_X3DAudio_x86.cab
[2010.06.02 06:22:50 | 000,994,154 | ---- | C] () -- C:\Users\Lea2\Nov2008_d3dx10_40_x64.cab
[2010.06.02 06:22:50 | 000,196,762 | ---- | C] () -- C:\Users\Lea2\NOV2007_XACT_x64.cab
[2010.06.02 06:22:50 | 000,148,264 | ---- | C] () -- C:\Users\Lea2\NOV2007_XACT_x86.cab
[2010.06.02 06:22:50 | 000,046,144 | ---- | C] () -- C:\Users\Lea2\NOV2007_X3DAudio_x64.cab
[2010.06.02 06:22:50 | 000,018,496 | ---- | C] () -- C:\Users\Lea2\NOV2007_X3DAudio_x86.cab
[2010.06.02 06:22:48 | 001,802,058 | ---- | C] () -- C:\Users\Lea2\Nov2007_d3dx9_36_x64.cab
[2010.06.02 06:22:48 | 001,709,360 | ---- | C] () -- C:\Users\Lea2\Nov2007_d3dx9_36_x86.cab
[2010.06.02 06:22:48 | 000,864,600 | ---- | C] () -- C:\Users\Lea2\Nov2007_d3dx10_36_x64.cab
[2010.06.02 06:22:48 | 000,803,884 | ---- | C] () -- C:\Users\Lea2\Nov2007_d3dx10_36_x86.cab
[2010.06.02 06:22:48 | 000,273,018 | ---- | C] () -- C:\Users\Lea2\Mar2009_XAudio_x86.cab
[2010.06.02 06:22:46 | 000,275,044 | ---- | C] () -- C:\Users\Lea2\Mar2009_XAudio_x64.cab
[2010.06.02 06:22:46 | 000,121,506 | ---- | C] () -- C:\Users\Lea2\Mar2009_XACT_x64.cab
[2010.06.02 06:22:46 | 000,092,740 | ---- | C] () -- C:\Users\Lea2\Mar2009_XACT_x86.cab
[2010.06.02 06:22:38 | 000,054,600 | ---- | C] () -- C:\Users\Lea2\Mar2009_X3DAudio_x64.cab
[2010.06.02 06:22:38 | 000,021,298 | ---- | C] () -- C:\Users\Lea2\Mar2009_X3DAudio_x86.cab
[2010.06.02 06:22:36 | 001,973,702 | ---- | C] () -- C:\Users\Lea2\Mar2009_d3dx9_41_x64.cab
[2010.06.02 06:22:36 | 001,612,446 | ---- | C] () -- C:\Users\Lea2\Mar2009_d3dx9_41_x86.cab
[2010.06.02 06:22:36 | 001,067,160 | ---- | C] () -- C:\Users\Lea2\Mar2009_d3dx10_41_x64.cab
[2010.06.02 06:22:36 | 001,040,745 | ---- | C] () -- C:\Users\Lea2\Mar2009_d3dx10_41_x86.cab
[2010.06.02 06:22:36 | 000,251,194 | ---- | C] () -- C:\Users\Lea2\Mar2008_XAudio_x64.cab
[2010.06.02 06:22:36 | 000,226,250 | ---- | C] () -- C:\Users\Lea2\Mar2008_XAudio_x86.cab
[2010.06.02 06:22:36 | 000,122,336 | ---- | C] () -- C:\Users\Lea2\Mar2008_XACT_x64.cab
[2010.06.02 06:22:36 | 000,093,734 | ---- | C] () -- C:\Users\Lea2\Mar2008_XACT_x86.cab
[2010.06.02 06:22:34 | 001,769,862 | ---- | C] () -- C:\Users\Lea2\Mar2008_d3dx9_37_x64.cab
[2010.06.02 06:22:34 | 001,443,282 | ---- | C] () -- C:\Users\Lea2\Mar2008_d3dx9_37_x86.cab
[2010.06.02 06:22:34 | 000,818,260 | ---- | C] () -- C:\Users\Lea2\Mar2008_d3dx10_37_x86.cab
[2010.06.02 06:22:34 | 000,055,058 | ---- | C] () -- C:\Users\Lea2\Mar2008_X3DAudio_x64.cab
[2010.06.02 06:22:34 | 000,021,867 | ---- | C] () -- C:\Users\Lea2\Mar2008_X3DAudio_x86.cab
[2010.06.02 06:22:32 | 000,937,246 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dx9_43_x64.cab
[2010.06.02 06:22:32 | 000,844,884 | ---- | C] () -- C:\Users\Lea2\Mar2008_d3dx10_37_x64.cab
[2010.06.02 06:22:32 | 000,768,036 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dx9_43_x86.cab
[2010.06.02 06:22:32 | 000,278,060 | ---- | C] () -- C:\Users\Lea2\Jun2010_XAudio_x86.cab
[2010.06.02 06:22:32 | 000,277,338 | ---- | C] () -- C:\Users\Lea2\Jun2010_XAudio_x64.cab
[2010.06.02 06:22:32 | 000,124,596 | ---- | C] () -- C:\Users\Lea2\Jun2010_XACT_x64.cab
[2010.06.02 06:22:32 | 000,093,686 | ---- | C] () -- C:\Users\Lea2\Jun2010_XACT_x86.cab
[2010.06.02 06:22:30 | 000,762,188 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dcsx_43_x86.cab
[2010.06.02 06:22:30 | 000,235,955 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dx10_43_x64.cab
[2010.06.02 06:22:30 | 000,197,283 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dx10_43_x86.cab
[2010.06.02 06:22:30 | 000,138,205 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dx11_43_x64.cab
[2010.06.02 06:22:30 | 000,109,445 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dx11_43_x86.cab
[2010.06.02 06:22:28 | 000,944,460 | ---- | C] () -- C:\Users\Lea2\Jun2010_D3DCompiler_43_x64.cab
[2010.06.02 06:22:28 | 000,931,471 | ---- | C] () -- C:\Users\Lea2\Jun2010_D3DCompiler_43_x86.cab
[2010.06.02 06:22:28 | 000,752,783 | ---- | C] () -- C:\Users\Lea2\Jun2010_d3dcsx_43_x64.cab
[2010.06.02 06:22:20 | 000,269,024 | ---- | C] () -- C:\Users\Lea2\JUN2008_XAudio_x86.cab
[2010.06.02 06:22:18 | 001,792,608 | ---- | C] () -- C:\Users\Lea2\JUN2008_d3dx9_38_x64.cab
[2010.06.02 06:22:18 | 001,463,878 | ---- | C] () -- C:\Users\Lea2\JUN2008_d3dx9_38_x86.cab
[2010.06.02 06:22:18 | 000,867,828 | ---- | C] () -- C:\Users\Lea2\JUN2008_d3dx10_38_x64.cab
[2010.06.02 06:22:18 | 000,849,919 | ---- | C] () -- C:\Users\Lea2\JUN2008_d3dx10_38_x86.cab
[2010.06.02 06:22:18 | 000,269,628 | ---- | C] () -- C:\Users\Lea2\JUN2008_XAudio_x64.cab
[2010.06.02 06:22:18 | 000,152,909 | ---- | C] () -- C:\Users\Lea2\JUN2007_XACT_x86.cab
[2010.06.02 06:22:18 | 000,121,054 | ---- | C] () -- C:\Users\Lea2\JUN2008_XACT_x64.cab
[2010.06.02 06:22:18 | 000,093,128 | ---- | C] () -- C:\Users\Lea2\JUN2008_XACT_x86.cab
[2010.06.02 06:22:18 | 000,055,154 | ---- | C] () -- C:\Users\Lea2\JUN2008_X3DAudio_x64.cab
[2010.06.02 06:22:18 | 000,021,905 | ---- | C] () -- C:\Users\Lea2\JUN2008_X3DAudio_x86.cab
[2010.06.02 06:22:16 | 001,607,774 | ---- | C] () -- C:\Users\Lea2\JUN2007_d3dx9_34_x64.cab
[2010.06.02 06:22:16 | 001,607,286 | ---- | C] () -- C:\Users\Lea2\JUN2007_d3dx9_34_x86.cab
[2010.06.02 06:22:16 | 001,064,925 | ---- | C] () -- C:\Users\Lea2\Jun2005_d3dx9_26_x86.cab
[2010.06.02 06:22:16 | 000,699,044 | ---- | C] () -- C:\Users\Lea2\JUN2007_d3dx10_34_x64.cab
[2010.06.02 06:22:16 | 000,698,472 | ---- | C] () -- C:\Users\Lea2\JUN2007_d3dx10_34_x86.cab
[2010.06.02 06:22:16 | 000,197,122 | ---- | C] () -- C:\Users\Lea2\JUN2007_XACT_x64.cab
[2010.06.02 06:22:16 | 000,180,785 | ---- | C] () -- C:\Users\Lea2\JUN2006_XACT_x64.cab
[2010.06.02 06:22:16 | 000,133,671 | ---- | C] () -- C:\Users\Lea2\JUN2006_XACT_x86.cab
[2010.06.02 06:22:14 | 001,336,002 | ---- | C] () -- C:\Users\Lea2\Jun2005_d3dx9_26_x64.cab
[2010.06.02 06:22:14 | 000,277,191 | ---- | C] () -- C:\Users\Lea2\Feb2010_XAudio_x86.cab
[2010.06.02 06:22:14 | 000,276,960 | ---- | C] () -- C:\Users\Lea2\Feb2010_XAudio_x64.cab
[2010.06.02 06:22:14 | 000,122,446 | ---- | C] () -- C:\Users\Lea2\Feb2010_XACT_x64.cab
[2010.06.02 06:22:14 | 000,093,180 | ---- | C] () -- C:\Users\Lea2\Feb2010_XACT_x86.cab
[2010.06.02 06:22:12 | 000,194,675 | ---- | C] () -- C:\Users\Lea2\FEB2007_XACT_x64.cab
[2010.06.02 06:22:12 | 000,147,983 | ---- | C] () -- C:\Users\Lea2\FEB2007_XACT_x86.cab
[2010.06.02 06:22:12 | 000,054,678 | ---- | C] () -- C:\Users\Lea2\Feb2010_X3DAudio_x64.cab
[2010.06.02 06:22:12 | 000,020,713 | ---- | C] () -- C:\Users\Lea2\Feb2010_X3DAudio_x86.cab
[2010.06.02 06:22:10 | 000,178,359 | ---- | C] () -- C:\Users\Lea2\Feb2006_XACT_x64.cab
[2010.06.02 06:22:10 | 000,132,409 | ---- | C] () -- C:\Users\Lea2\Feb2006_XACT_x86.cab
[2010.06.02 06:22:04 | 001,084,720 | ---- | C] () -- C:\Users\Lea2\Feb2006_d3dx9_29_x86.cab
[2010.06.02 06:22:02 | 001,801,048 | ---- | C] () -- C:\Users\Lea2\dsetup32.dll
[2010.06.02 06:22:02 | 001,574,376 | ---- | C] () -- C:\Users\Lea2\DEC2006_d3dx9_32_x86.cab
[2010.06.02 06:22:02 | 001,362,796 | ---- | C] () -- C:\Users\Lea2\Feb2006_d3dx9_29_x64.cab
[2010.06.02 06:22:02 | 001,247,499 | ---- | C] () -- C:\Users\Lea2\Feb2005_d3dx9_24_x64.cab
[2010.06.02 06:22:02 | 001,013,225 | ---- | C] () -- C:\Users\Lea2\Feb2005_d3dx9_24_x86.cab
[2010.06.02 06:22:02 | 000,537,432 | ---- | C] () -- C:\Users\Lea2\DXSETUP.exe
[2010.06.02 06:22:02 | 000,192,475 | ---- | C] () -- C:\Users\Lea2\DEC2006_XACT_x64.cab
[2010.06.02 06:22:02 | 000,145,599 | ---- | C] () -- C:\Users\Lea2\DEC2006_XACT_x86.cab
[2010.06.02 06:22:02 | 000,094,011 | ---- | C] () -- C:\Users\Lea2\dxupdate.cab
[2010.06.02 06:22:02 | 000,042,410 | ---- | C] () -- C:\Users\Lea2\dxdllreg_x86.cab
[2010.06.02 06:22:00 | 001,571,154 | ---- | C] () -- C:\Users\Lea2\DEC2006_d3dx9_32_x64.cab
[2010.06.02 06:22:00 | 001,357,976 | ---- | C] () -- C:\Users\Lea2\Dec2005_d3dx9_28_x64.cab
[2010.06.02 06:22:00 | 001,079,456 | ---- | C] () -- C:\Users\Lea2\Dec2005_d3dx9_28_x86.cab
[2010.06.02 06:22:00 | 000,273,264 | ---- | C] () -- C:\Users\Lea2\Aug2009_XAudio_x64.cab
[2010.06.02 06:22:00 | 000,272,642 | ---- | C] () -- C:\Users\Lea2\Aug2009_XAudio_x86.cab
[2010.06.02 06:22:00 | 000,212,807 | ---- | C] () -- C:\Users\Lea2\DEC2006_d3dx10_00_x64.cab
[2010.06.02 06:22:00 | 000,191,720 | ---- | C] () -- C:\Users\Lea2\DEC2006_d3dx10_00_x86.cab
[2010.06.02 06:22:00 | 000,122,408 | ---- | C] () -- C:\Users\Lea2\Aug2009_XACT_x64.cab
[2010.06.02 06:22:00 | 000,093,106 | ---- | C] () -- C:\Users\Lea2\Aug2009_XACT_x86.cab
[2010.06.02 06:21:58 | 000,930,116 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dx9_42_x64.cab
[2010.06.02 06:21:58 | 000,728,456 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dx9_42_x86.cab
[2010.06.02 06:21:58 | 000,232,635 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dx10_42_x64.cab
[2010.06.02 06:21:58 | 000,192,131 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dx10_42_x86.cab
[2010.06.02 06:21:58 | 000,136,301 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dx11_42_x64.cab
[2010.06.02 06:21:58 | 000,105,044 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dx11_42_x86.cab
[2010.06.02 06:21:56 | 003,319,740 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dcsx_42_x86.cab
[2010.06.02 06:21:56 | 003,112,111 | ---- | C] () -- C:\Users\Lea2\Aug2009_d3dcsx_42_x64.cab
[2010.06.02 06:21:56 | 000,900,598 | ---- | C] () -- C:\Users\Lea2\Aug2009_D3DCompiler_42_x86.cab
[2010.06.02 06:21:46 | 000,919,044 | ---- | C] () -- C:\Users\Lea2\Aug2009_D3DCompiler_42_x64.cab
[2010.06.02 06:21:46 | 000,271,412 | ---- | C] () -- C:\Users\Lea2\Aug2008_XAudio_x64.cab
[2010.06.02 06:21:46 | 000,271,038 | ---- | C] () -- C:\Users\Lea2\Aug2008_XAudio_x86.cab
[2010.06.02 06:21:44 | 001,794,084 | ---- | C] () -- C:\Users\Lea2\Aug2008_d3dx9_39_x64.cab
[2010.06.02 06:21:44 | 001,464,672 | ---- | C] () -- C:\Users\Lea2\Aug2008_d3dx9_39_x86.cab
[2010.06.02 06:21:44 | 000,849,167 | ---- | C] () -- C:\Users\Lea2\Aug2008_d3dx10_39_x86.cab
[2010.06.02 06:21:44 | 000,198,096 | ---- | C] () -- C:\Users\Lea2\AUG2007_XACT_x64.cab
[2010.06.02 06:21:44 | 000,153,012 | ---- | C] () -- C:\Users\Lea2\AUG2007_XACT_x86.cab
[2010.06.02 06:21:44 | 000,121,772 | ---- | C] () -- C:\Users\Lea2\Aug2008_XACT_x64.cab
[2010.06.02 06:21:44 | 000,092,996 | ---- | C] () -- C:\Users\Lea2\Aug2008_XACT_x86.cab
[2010.06.02 06:21:42 | 001,800,160 | ---- | C] () -- C:\Users\Lea2\AUG2007_d3dx9_35_x64.cab
[2010.06.02 06:21:42 | 001,708,152 | ---- | C] () -- C:\Users\Lea2\AUG2007_d3dx9_35_x86.cab
[2010.06.02 06:21:42 | 000,867,612 | ---- | C] () -- C:\Users\Lea2\Aug2008_d3dx10_39_x64.cab
[2010.06.02 06:21:42 | 000,852,286 | ---- | C] () -- C:\Users\Lea2\AUG2007_d3dx10_35_x64.cab
[2010.06.02 06:21:42 | 000,796,867 | ---- | C] () -- C:\Users\Lea2\AUG2007_d3dx10_35_x86.cab
[2010.06.02 06:21:40 | 001,350,542 | ---- | C] () -- C:\Users\Lea2\Aug2005_d3dx9_27_x64.cab
[2010.06.02 06:21:40 | 001,077,644 | ---- | C] () -- C:\Users\Lea2\Aug2005_d3dx9_27_x86.cab
[2010.06.02 06:21:40 | 000,182,903 | ---- | C] () -- C:\Users\Lea2\AUG2006_XACT_x64.cab
[2010.06.02 06:21:40 | 000,137,235 | ---- | C] () -- C:\Users\Lea2\AUG2006_XACT_x86.cab
[2010.06.02 06:21:40 | 000,087,142 | ---- | C] () -- C:\Users\Lea2\AUG2006_xinput_x64.cab
[2010.06.02 06:21:40 | 000,053,302 | ---- | C] () -- C:\Users\Lea2\APR2007_xinput_x86.cab
[2010.06.02 06:21:40 | 000,046,058 | ---- | C] () -- C:\Users\Lea2\AUG2006_xinput_x86.cab
[2010.06.02 06:21:38 | 001,606,039 | ---- | C] () -- C:\Users\Lea2\APR2007_d3dx9_33_x86.cab
[2010.06.02 06:21:38 | 000,195,766 | ---- | C] () -- C:\Users\Lea2\APR2007_XACT_x64.cab
[2010.06.02 06:21:38 | 000,151,225 | ---- | C] () -- C:\Users\Lea2\APR2007_XACT_x86.cab
[2010.06.02 06:21:38 | 000,096,817 | ---- | C] () -- C:\Users\Lea2\APR2007_xinput_x64.cab
[2010.06.02 06:21:36 | 001,607,358 | ---- | C] () -- C:\Users\Lea2\APR2007_d3dx9_33_x64.cab
[2010.06.02 06:21:36 | 000,698,612 | ---- | C] () -- C:\Users\Lea2\APR2007_d3dx10_33_x64.cab
[2010.06.02 06:21:36 | 000,695,865 | ---- | C] () -- C:\Users\Lea2\APR2007_d3dx10_33_x86.cab
[2010.06.02 06:21:34 | 000,046,010 | ---- | C] () -- C:\Users\Lea2\Apr2006_xinput_x86.cab
[2010.06.02 06:21:20 | 000,087,101 | ---- | C] () -- C:\Users\Lea2\Apr2006_xinput_x64.cab
[2010.06.02 06:21:18 | 004,162,630 | ---- | C] () -- C:\Users\Lea2\Apr2006_MDX1_x86_Archive.cab
[2010.06.02 06:21:18 | 000,916,430 | ---- | C] () -- C:\Users\Lea2\Apr2006_MDX1_x86.cab
[2010.06.02 06:21:18 | 000,179,133 | ---- | C] () -- C:\Users\Lea2\Apr2006_XACT_x64.cab
[2010.06.02 06:21:18 | 000,133,103 | ---- | C] () -- C:\Users\Lea2\Apr2006_XACT_x86.cab
[2010.06.02 06:21:16 | 001,397,830 | ---- | C] () -- C:\Users\Lea2\Apr2006_d3dx9_30_x64.cab
[2010.06.02 06:21:16 | 001,347,354 | ---- | C] () -- C:\Users\Lea2\Apr2005_d3dx9_25_x64.cab
[2010.06.02 06:21:16 | 001,115,221 | ---- | C] () -- C:\Users\Lea2\Apr2006_d3dx9_30_x86.cab
[2010.06.02 06:21:16 | 001,078,962 | ---- | C] () -- C:\Users\Lea2\Apr2005_d3dx9_25_x86.cab
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2010.06.27 15:02:40 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Ahnenblatt
[2011.01.08 14:55:56 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Anvil Studio
[2010.08.15 15:33:02 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Artweaver
[2012.01.01 16:30:25 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Canon
[2011.07.26 13:44:06 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\DVDVideoSoft
[2011.08.04 22:10:30 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.18 21:07:42 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\FreeAudioPack
[2011.12.29 22:30:26 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\gtk-2.0
[2011.01.14 11:08:05 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Juniper Networks
[2010.04.21 06:21:21 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\OpenOffice.org
[2011.06.08 19:54:45 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Openworld Learning
[2011.07.03 00:25:39 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Papyrus Autor
[2010.04.18 22:01:12 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\PlayFirst
[2011.10.04 21:33:19 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\RenPy
[2010.11.14 17:13:29 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Smith Micro
[2010.12.18 18:47:49 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Sony
[2010.08.29 16:24:42 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Synthesia
[2010.04.22 18:55:32 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\SYSTEMAX Software Development
[2011.07.03 18:31:13 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\TIPP10
[2011.06.20 12:02:34 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\uTorrent
[2012.02.27 20:41:19 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\.minecraft
[2012.12.05 17:26:57 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\Audacity
[2012.02.10 20:06:42 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\Canon
[2013.05.14 23:26:33 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\DAEMON Tools Lite
[2013.05.15 17:23:56 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\DesktopIconForAmazon
[2013.02.13 17:53:29 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\DVDVideoSoft
[2012.02.04 20:08:53 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\GameConsole
[2013.04.17 18:38:09 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\Gensokyo.org
[2013.05.02 23:03:36 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\gtk-2.0
[2012.06.12 21:43:54 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\hdbADS
[2012.09.02 19:36:12 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\LibrariIcon
[2012.03.10 20:41:01 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\LolClient
[2012.06.12 21:44:27 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\MrJobs
[2013.02.17 21:44:25 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\ONScripter-EN
[2012.02.12 23:39:43 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\OpenOffice.org
[2012.02.18 19:17:40 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\POV-Ray
[2013.02.21 23:27:41 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\RenPy
[2013.04.17 18:37:55 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\ShanghaiAlice
[2012.12.16 16:20:38 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\Stardock
[2012.12.04 21:00:12 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\Synthesia
[2012.02.04 22:53:15 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\SYSTEMAX Software Development
[2012.03.13 11:12:19 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\Tific
[2013.04.21 15:30:14 | 000,000,000 | ---D | M] -- C:\Users\Lea2\AppData\Roaming\Umineko4final
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:4D066AD2
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 15.05.2013 18:54:28 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lea2\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 34,63% Memory free
5,50 Gb Paging File | 3,13 Gb Available in Paging File | 56,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919,41 Gb Total Space | 815,01 Gb Free Space | 88,64% Space Free | Partition Type: NTFS
Drive E: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: LEA-PC | User Name: Lea2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-2364204294-1336410954-2551016912-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{0613236B-36E4-4B6C-85F5-1966ABE10714}" = lport=445 | protocol=6 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BBCDEDF-01E1-4C2F-AA6C-4E60184D32BE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{20B0BB91-56BC-4D93-9565-C88B181DD408}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25609BD0-B875-4560-A9D6-13400FC0A76A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2DB4DF28-30B1-4148-9911-880CB5704F25}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{41C182EF-4F5E-4D31-AFF5-390F0B3337F0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4588598D-3C3D-448B-A939-036DDEB3101C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{469EE121-3CA3-4452-BF1B-EE7A6409979B}" = lport=139 | protocol=6 | dir=in | app=system |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{55E1BBBA-D763-47DB-AA9C-41D4DDD6032E}" = rport=138 | protocol=17 | dir=out | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6E74A779-C837-4C3E-8D9C-193291C4FA9A}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70BBD11C-5DBF-4CAF-A15F-698A9B551F43}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{754E48D5-CA54-4151-8161-EF16DE2FF568}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{83BF7AAB-2EF4-49C5-8CF5-1509C3C65B54}" = rport=137 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8AA15C73-0EC5-43C6-A245-3C37CBF856C2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F4B5766-E338-41BB-AB09-5BD80CD954C1}" = rport=445 | protocol=6 | dir=out | app=system |
"{90006C3B-5822-4D70-B70E-323715284BD3}" = lport=137 | protocol=17 | dir=in | app=system |
"{926F8C61-9549-44F3-B1A0-69CF938678A9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC5179E9-9DBD-4E9D-B199-CB37E3575876}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C3AA671D-6DEB-413D-ABD2-6959DBF6BD4F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4C095E8-36ED-4B8D-BD91-BB6B85E1CF5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E515255D-F64D-4D70-BFA8-32FC9B1D36E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E5A37E60-5D83-4715-803F-3B6931DFE6A4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3F72F86-7CD5-4981-9975-63223712B6DA}" = lport=138 | protocol=17 | dir=in | app=system |
"{F50429BE-C242-4870-A750-B5F56E14641F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA0B5520-0CA9-401C-A14D-4A4E83D737D4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FD636060-4B59-4CDA-BE59-7209006DA00E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{00BD00B1-35C6-4F4F-8C72-E7E06B312B25}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0653B468-413B-4F29-B741-89684331DE13}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1966D42D-FA86-4ED2-B1FC-08580DE528E1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F88E1B2-7F2D-4D2B-B23B-23EA0FFA0E61}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2E3C044E-C395-4E60-B510-468DF5042955}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2FE7C7E2-BD44-4A57-A0A7-243CEACCECCD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{36F5123F-807A-4F7D-9E7C-94DE166578B5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4F874D69-EBCA-42FA-B20A-6D59959C8B4E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{59FE3230-15F7-4F26-8B8C-9A61587B3E0F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B8C1DA1-1A34-49A4-A6FF-407994C4A217}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{70F96BB5-809B-42FD-88FB-50B7744928C7}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{71A4A64C-B9AD-490C-9CCF-8D38DF2946D0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B55684A-2859-4B44-9D06-CA505299F94C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80644185-CF36-43F2-B8F7-81D57653F9CB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CA1FF49-B531-4DD7-A259-D91C6CF1A395}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F05B38B-B077-4C87-8155-0650788A04F9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9820586C-2173-41C8-85F8-BE730EDE1F39}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9AD66F1F-AB1C-4D63-847A-A1B7F4127B9D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{9BE920BF-45B9-4F03-AB53-227209ACC0B0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9D24D13D-36C2-48B9-8055-90523D1CE6FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9DDA9A7F-D269-4527-93B3-A7C86D8D5F6D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A655C6EB-E737-42D0-BDD1-FC943E1EA331}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7A3C8EE-6B4A-4F91-A056-FF2CD871F46F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BB569A5C-C1DD-4195-B9CA-6A329B72640B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{BBA4429F-B7BF-4495-9F14-87CE282C31AA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BBC6EA30-74FD-4767-88CA-4078D045C8D6}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{C73D4B5A-42B6-4023-9111-71ACF94F0191}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C828B6DD-939F-4250-99D0-46550EFA180A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C8B3CE8F-D863-400F-984E-A54C5F195538}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CB4BAF93-E667-4F23-AA2A-325F80C53D15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD511443-60C1-4E37-AFF4-48C0FD414639}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8F49691-0AE0-4E08-8910-96ADF70F57B3}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{DE1FAA60-AE5F-4372-84A8-4B7CE513F2DF}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E362E273-6F05-485B-BF11-19BF83D9432E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB2D4D31-2D3F-4A85-A126-4E7686EDBDE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EDEDDB28-AF33-44C0-8F4E-7CF070EFA8FC}" = protocol=6 | dir=out | app=system |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1773F251-1405-4AE7-987B-12C8068F8DC7}C:\users\lea\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lea\appdata\local\akamai\netsession_win.exe |
"TCP Query User{22F28E01-78C8-426B-A8CA-1290115D0E7B}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{CE9076E4-DB64-47BD-8BC6-37A87F38FBC5}C:\users\lea\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lea\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2B16CD88-FBC4-4B3F-B1DC-E2FE5956BABA}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{395C9460-2B5E-4381-B84E-46B9A75E0D05}C:\users\lea\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lea\appdata\local\akamai\netsession_win.exe |
"UDP Query User{CF02993F-9335-40D8-9798-9638DE09C7B9}C:\users\lea\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lea\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{19DCDC0D-9D87-46DB-A4B0-08B35AA333A3}" = Corel Shell Extension - 64Bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"CCleaner" = CCleaner
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Recuva" = Recuva
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = Die Sims™ 2 Super Deluxe
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31D611A1-03B5-4018-BC6F-DDB5B5616478}_is1" = eMachines GameZone Console
"{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63C16E81-327C-49B6-9643-4F5EFD8A6B2D}" = winLAME 2010 beta 2
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.5.3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PROR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims・3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}" = POV-Ray for Windows v3.62
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnvSoft Photo Flash Maker Free" = AnvSoft Photo Flash Maker Free 5.18
"Canon MG3100 series Benutzerregistrierung" = Canon MG3100 series Benutzerregistrierung
"Canon MG3100 series On-screen Manual" = Canon MG3100 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CEP - Colour Enable Packages_is1" = CEP - Color Enable Package
"DAEMON Tools Lite" = DAEMON Tools Lite
"EADM" = EA Download Manager
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"N360" = Norton 360
"PROR" = Microsoft Office Professional 2007
"Sims2Pack Clean Installer " = Sims2Pack Clean Installer
"thoosje logon editor" = thoosje logon editor
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"UnderCoverXP_is1" = UnderCoverXP 1.23
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2364204294-1336410954-2551016912-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{F552CAC7-083C-4370-87B1-78677A764EE6}" = Starry☆Sky~in Spring~
"Umineko no Naku Koro ni English" = Umineko no Naku Koro ni English v4.4
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.05.2013 14:50:50 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8798
Error - 14.05.2013 14:50:51 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 14.05.2013 14:50:51 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9797
Error - 14.05.2013 14:50:51 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9797
Error - 14.05.2013 14:50:52 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 14.05.2013 14:50:52 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10795
Error - 14.05.2013 14:50:52 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10795
Error - 14.05.2013 14:50:54 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 14.05.2013 14:50:54 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12418
Error - 14.05.2013 14:50:54 | Computer Name = Lea-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12418
[ Media Center Events ]
Error - 01.02.2011 09:21:21 | Computer Name = Lea-PC | Source = MCUpdate | ID = 0
Description = 14:21:21 - Fehler beim Herstellen der Internetverbindung. 14:21:21
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 03.05.2013 04:09:58 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 04.05.2013 04:43:16 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 10.05.2013 08:53:55 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 11.05.2013 04:12:09 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 12.05.2013 03:55:39 | Computer Name = Lea-PC | Source = Microsoft-Windows-Application-Experience | ID = 205
Description = Der Dienst "Programmkompatibilitats-Assistent" konnte Phase 2 nicht
initialisieren.
Error - 12.05.2013 03:55:49 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 13.05.2013 10:23:52 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 14.05.2013 08:21:03 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 15.05.2013 10:08:45 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 15.05.2013 11:26:40 | Computer Name = Lea-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
< End of report >
--- --- --- |
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
SecurityCheck und: