| glueckskind | 09.09.2011 11:02 |
done.
hier der malwarebytes-log:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Datenbank Version: 7682
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120
09.09.2011 11:39:58
mbam-log-2011-09-09 (11-39-58).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 186553
Laufzeit: 6 Minute(n), 30 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden) und die zwei von otl:OTL Logfile: Code:
OTL logfile created on: 09.09.2011 11:47:25 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Yvi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 64,88% Memory free
6,19 Gb Paging File | 5,19 Gb Available in Paging File | 83,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,75 Gb Total Space | 217,11 Gb Free Space | 48,71% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 10,66 Gb Free Space | 53,32% Space Free | Partition Type: FAT32
Drive I: | 7,76 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: YVI-PC | User Name: Yvi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.09.09 11:46:45 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Yvi\Desktop\OTL.exe
PRC - [2011.08.02 12:47:12 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.16 00:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Programme\CrossriderWebApps\Crossrider.exe
PRC - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Lite\DTLite.exe
PRC - [2010.05.05 09:18:46 | 000,148,280 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\ezprint.exe
PRC - [2010.05.05 09:18:43 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010.04.14 16:45:21 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeacoms.exe
PRC - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 08:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.08 13:34:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ielowutil.exe
PRC - [2008.02.28 18:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
PRC - [2008.01.21 04:25:32 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2007.05.29 16:40:48 | 000,360,096 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2007.05.29 08:55:20 | 001,969,824 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
PRC - [2006.05.18 11:40:18 | 001,499,136 | ---- | M] () -- C:\Programme\NETGEAR\WG311T\wlancfg5.exe
========== Modules (No Company Name) ==========
MOD - [2010.05.05 09:18:46 | 000,148,280 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\ezprint.exe
MOD - [2010.05.05 09:18:43 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010.04.05 06:56:20 | 000,094,359 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2010.04.05 06:56:19 | 000,045,221 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\epstring.dll
MOD - [2010.04.05 06:56:17 | 002,203,803 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010.04.05 06:56:07 | 000,716,954 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\epwizard.dll
MOD - [2010.04.05 06:55:15 | 000,159,890 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\customui.dll
MOD - [2010.04.05 06:55:04 | 000,061,604 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\epfunct.dll
MOD - [2010.04.05 06:54:59 | 000,123,033 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\eputil.dll
MOD - [2010.04.05 06:54:52 | 000,143,502 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\imagutil.dll
MOD - [2010.04.01 13:24:28 | 001,159,168 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010.04.01 13:23:27 | 000,389,120 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2009.05.27 08:16:50 | 000,192,512 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxeadatr.dll
MOD - [2009.04.07 15:25:27 | 000,409,600 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\iptk.dll
MOD - [2009.03.10 01:43:49 | 000,155,648 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009.03.02 10:25:47 | 000,151,552 | ---- | M] () -- C:\Programme\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009.02.20 04:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\System32\LXEAsmr.dll
MOD - [2009.02.20 04:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\System32\LXEAsm.dll
MOD - [2007.05.29 16:40:48 | 000,360,096 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
MOD - [2007.05.29 08:55:20 | 001,969,824 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
MOD - [2006.08.28 17:29:00 | 000,180,224 | ---- | M] () -- C:\Windows\System32\ATWTINK.DLL
MOD - [2006.05.18 11:40:18 | 001,499,136 | ---- | M] () -- C:\Programme\NETGEAR\WG311T\wlancfg5.exe
MOD - [2006.04.24 14:27:58 | 000,098,304 | ---- | M] () -- C:\Programme\NETGEAR\WG311T\WlanDll.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.09.07 09:37:55 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.04.14 16:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010.04.14 16:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2008.02.28 18:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV - File not found [File_System | Disabled | Running] -- -- (MBAMProtector)
DRV - [2011.09.09 11:42:29 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5DB49302-83F6-4186-8BAB-77C088CAA2A3}\MpKsle37b256b.sys -- (MpKsle37b256b)
DRV - [2011.07.27 12:12:42 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.04.27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.03.23 13:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008.11.16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.04.03 12:56:00 | 007,444,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.02.15 16:17:14 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\HomeCinema\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.01.21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008.01.17 22:35:30 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\HomeCinema\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2008.01.16 18:27:56 | 000,174,600 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2007.11.21 12:35:06 | 000,569,344 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007.10.12 03:40:14 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2007.01.18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.10.30 17:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006.06.27 20:08:24 | 000,071,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2006.05.03 22:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd.sys -- (snpstd)
DRV - [2006.04.04 10:54:28 | 000,456,768 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WG311T13.sys -- (AR5211)
DRV - [2002.07.17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2001.05.23 10:42:52 | 000,012,084 | ---- | M] (Aiptek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UTBLFILT.sys -- (utblfilt)
DRV - [2001.02.18 17:09:56 | 000,009,312 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hp4200c.sys -- (hp4200c)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yodl.de/?&affid=1&uid=5ABE1BC3-76C2-4620-8ACC-E089E690C969
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaulturl: "hxxp://www.yodl.de/href.php?hrefname=FF-splug_google&q="
FF - prefs.js..browser.startup.homepage: "hxxp://www.ninwiki.com/Special:Random"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: crossriderapp435@crossrider.com:0.72.17
FF - prefs.js..keyword.URL: "hxxp://www.yodl.de/href.php?hrefname=FF-splug_google&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.3146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp435@crossrider.com: C:\ProgramData\CodecCheck\firefox [2011.07.26 20:05:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.07 12:40:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.07 12:40:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter
[2008.07.11 16:40:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yvi\AppData\Roaming\mozilla\Extensions
[2011.09.08 16:46:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yvi\AppData\Roaming\mozilla\Firefox\Profiles\luyqcj2o.default\extensions
[2010.04.29 19:28:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Yvi\AppData\Roaming\mozilla\Firefox\Profiles\luyqcj2o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.25 12:41:39 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Yvi\AppData\Roaming\mozilla\Firefox\Profiles\luyqcj2o.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2011.08.18 16:42:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Yvi\AppData\Roaming\mozilla\Firefox\Profiles\luyqcj2o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.05.12 09:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yvi\AppData\Roaming\mozilla\Firefox\Profiles\luyqcj2o.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2011.05.12 09:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yvi\AppData\Roaming\mozilla\Firefox\Profiles\luyqcj2o.default\extensions\{dc572301-7619-498c-a57d-39143191b318}\modules\extensions
[2011.03.28 19:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.07.26 20:05:04 | 000,000,000 | ---D | M] ("Premiumplay Codec-C") -- C:\PROGRAMDATA\CODECCHECK\FIREFOX
[2011.03.20 01:06:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.09.18 20:17:57 | 000,001,779 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\clipfish.xml
[2009.09.18 20:17:57 | 000,001,013 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\conrad.xml
[2009.09.18 20:17:57 | 000,002,487 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\discount24.xml
[2011.03.20 01:06:12 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.20 01:06:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.09.18 20:17:57 | 000,001,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\musicload.xml
[2009.09.18 20:17:57 | 000,002,120 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\myvideo.xml
[2009.09.18 20:17:57 | 000,002,023 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\otto.xml
[2009.09.18 20:17:57 | 000,000,758 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\quelle.xml
[2009.09.18 20:17:57 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\telefonbuch-de.xml
[2011.03.20 01:06:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.20 01:06:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
[2009.09.18 20:17:57 | 000,005,375 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yodl.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Programme\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Programme\CrossriderWebApps\Crossrider.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O4 - HKLM..\Run: [atwtusb] C:\Windows\System32\atwtusb.exe ()
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [hplampc] C:\Windows\System32\hplampc.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CrossRiderPlugin] C:\Programme\CrossriderWebApps\Crossrider.exe (Crossrider)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [espaces] File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Programme\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab ()
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6876E3B5-09B4-40A9-AB89-8CBD155BB5EC}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Yvi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Yvi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{57e932e0-f2d6-11de-b4f2-001d92ecbd05}\Shell\AutoRun\command - "" = I:\installer.exe
O33 - MountPoints2\{57e932e0-f2d6-11de-b4f2-001d92ecbd05}\Shell\verb\command - "" = I:\installer.exe
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\setupSNK.exe
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk - C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^w98Eject.lnk - C:\Windows\system\w98eject.exe - (Sigmatel)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: BDRegion - hkey= - key= - C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
MsConfig - StartUpReg: lxeamon.exe - hkey= - key= - C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
MsConfig - StartUpReg: PhonostarTimer - hkey= - key= - C:\Programme\phonostar\ps_timer.exe (phonostar)
MsConfig - StartUpReg: PlayMovie - hkey= - key= - C:\Program Files\HomeCinema\PlayMovie\PMVService.exe (CyberLink Corp.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: toolbar_eula_launcher - hkey= - key= - C:\Programme\GoogleEULA\EULALauncher.exe ( )
MsConfig - StartUpReg: TVBroadcast - hkey= - key= - C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.09.09 11:46:33 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Yvi\Desktop\OTL.exe
[2011.09.09 11:13:40 | 000,000,000 | ---D | C] -- C:\Users\Yvi\AppData\Roaming\Malwarebytes
[2011.09.09 11:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.09 11:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.09.06 09:35:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
[2011.09.06 09:35:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Deterministic Networks
[2011.09.06 09:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
[2011.09.05 19:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
[2011.09.05 19:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\Free PDF to Word Doc Converter
[2011.08.29 21:55:13 | 000,000,000 | ---D | C] -- C:\Users\Yvi\atomix
[2011.08.28 16:35:09 | 000,000,000 | ---D | C] -- C:\Users\Yvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011.08.27 22:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011.08.27 22:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.08.27 22:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011.08.17 17:49:33 | 000,000,000 | ---D | C] -- C:\Users\Yvi\AppData\Local\Solid State Networks
[2010.09.21 11:14:16 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\lxeacoin.dll
[2010.09.21 11:13:24 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxeaserv.dll
[2010.09.21 11:13:24 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxeausb1.dll
[2010.09.21 11:13:24 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxeainpa.dll
[2010.09.21 11:13:24 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEAhcp.dll
[2010.09.21 11:13:24 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeaiesc.dll
[2010.09.21 11:13:23 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeacomc.dll
[2010.09.21 11:13:23 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxeahbn3.dll
[2010.09.21 11:13:23 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxeapmui.dll
[2010.09.21 11:13:23 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\lxeacoms.exe
[2010.09.21 11:13:23 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxealmpm.dll
[2010.09.21 11:13:23 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\lxeacfg.exe
[2010.09.21 11:13:23 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeacomm.dll
[2010.09.21 11:13:23 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\lxeaih.exe
[2008.07.30 18:33:31 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd.dll
[2005.04.21 00:16:28 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll
[2004.02.16 20:59:50 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Yvi\AppData\Local\*.tmp files -> C:\Users\Yvi\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.09.09 11:49:04 | 000,676,444 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.09 11:49:04 | 000,636,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.09 11:49:04 | 000,147,028 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.09 11:49:04 | 000,120,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.09 11:46:45 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Yvi\Desktop\OTL.exe
[2011.09.09 11:44:47 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.09.09 11:42:28 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.09 11:42:28 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.09 11:42:27 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.09 11:42:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.08 15:52:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.06 09:36:50 | 000,001,593 | ---- | M] () -- C:\Windows\VPNInstall.MIF
[2011.09.06 09:35:36 | 000,001,982 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Yvi\AppData\Local\*.tmp files -> C:\Users\Yvi\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.09.06 09:36:50 | 000,001,593 | ---- | C] () -- C:\Windows\VPNInstall.MIF
[2011.09.06 09:35:36 | 000,001,982 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2011.09.04 12:51:11 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2010.11.18 22:11:20 | 000,000,112 | ---- | C] () -- C:\Windows\ActiveSkin.INI
[2010.09.21 11:14:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxeavs.dll
[2010.09.21 11:14:14 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeacui.dll
[2010.09.21 11:14:14 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeacuir.dll
[2010.09.21 11:14:14 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxeagcfg.dll
[2010.09.21 11:13:24 | 000,331,776 | ---- | C] () -- C:\Windows\System32\LXEAinst.dll
[2010.09.21 11:13:23 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxeains.dll
[2010.09.21 11:13:23 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxeainsb.dll
[2010.09.21 11:13:23 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeacu.dll
[2010.09.21 11:13:23 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxeagrd.dll
[2010.09.21 11:13:23 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lxeainsr.dll
[2010.09.21 11:13:23 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeacub.dll
[2010.09.21 11:13:23 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxeajswr.dll
[2010.09.21 11:13:23 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeacur.dll
[2010.09.21 11:13:09 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXEAsm.dll
[2010.09.21 11:13:09 | 000,023,552 | ---- | C] () -- C:\Windows\System32\LXEAsmr.dll
[2010.05.21 01:18:24 | 000,000,072 | ---- | C] () -- C:\Windows\oemaster.ini
[2010.04.26 22:35:43 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2010.04.26 22:35:43 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2010.04.26 22:35:25 | 000,014,348 | ---- | C] () -- C:\Windows\HPSETUP.INI
[2010.03.23 13:26:48 | 000,201,512 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2010.03.19 01:04:40 | 000,004,956 | ---- | C] () -- C:\ProgramData\esswogwb.bbd
[2010.01.07 12:29:48 | 000,000,065 | ---- | C] () -- C:\Windows\FISHUI.INI
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.10.10 14:59:40 | 000,001,040 | ---- | C] () -- C:\Users\Yvi\AppData\Roaming\wklnhst.dat
[2009.10.02 23:21:25 | 000,000,000 | ---- | C] () -- C:\Windows\popcinfo.dat
[2009.09.24 11:41:01 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.24 11:41:00 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.10 16:50:07 | 000,000,967 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.09.10 16:50:07 | 000,000,774 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.05.30 15:00:10 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.01.26 18:52:51 | 000,225,280 | R--- | C] () -- C:\Windows\USBM55phmgunin.exe
[2008.12.23 00:48:57 | 000,000,062 | ---- | C] () -- C:\Windows\10eG-Install.ini
[2008.12.14 17:16:51 | 000,253,696 | ---- | C] () -- C:\Windows\pptpunin.exe
[2008.12.07 23:56:23 | 000,006,688 | ---- | C] () -- C:\Windows\movexe.exe
[2008.10.16 17:23:22 | 000,360,096 | ---- | C] () -- C:\Windows\System32\atwtusb.exe
[2008.10.16 17:23:21 | 000,048,800 | ---- | C] () -- C:\Windows\System32\InstallService.exe
[2008.10.16 17:23:20 | 001,969,824 | ---- | C] () -- C:\Windows\System32\WTMKM.exe
[2008.10.16 17:23:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\ATWTINK.DLL
[2008.10.16 17:23:20 | 000,102,048 | ---- | C] () -- C:\Windows\RmTablet.exe
[2008.10.16 17:23:19 | 000,013,951 | ---- | C] () -- C:\Windows\System32\Photoshop Elements.ini
[2008.10.16 17:23:19 | 000,010,361 | ---- | C] () -- C:\Windows\System32\PhotoImpact XL SE.ini
[2008.10.16 17:23:19 | 000,007,633 | ---- | C] () -- C:\Windows\System32\Vista.ini
[2008.10.16 17:23:19 | 000,007,341 | ---- | C] () -- C:\Windows\System32\XP_2000.ini
[2008.10.16 17:23:19 | 000,006,386 | ---- | C] () -- C:\Windows\aiptbl.ini
[2008.10.16 17:23:19 | 000,000,574 | ---- | C] () -- C:\Windows\System32\MKProfile.ini
[2008.09.17 13:36:22 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2008.09.17 13:36:20 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2008.09.17 13:36:20 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2008.09.17 13:36:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll
[2008.09.16 14:28:04 | 000,001,473 | ---- | C] () -- C:\Windows\eReg.dat
[2008.08.29 11:55:37 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.08.13 17:09:06 | 000,000,000 | ---- | C] () -- C:\Windows\MAPPER.INI
[2008.07.30 18:33:39 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsnpstd.dll
[2008.07.23 23:39:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.22 14:38:48 | 000,000,029 | ---- | C] () -- C:\Windows\viewer.ini
[2008.07.11 16:40:18 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.07.09 21:06:50 | 000,007,592 | ---- | C] () -- C:\Users\Yvi\AppData\Local\d3d9caps.dat
[2008.07.08 20:28:07 | 000,246,784 | ---- | C] () -- C:\Users\Yvi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.07.06 17:21:19 | 000,000,091 | ---- | C] () -- C:\Users\Yvi\AppData\Local\fusioncache.dat
[2008.04.30 12:12:26 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2008.04.30 12:12:26 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2008.04.30 11:28:46 | 000,000,052 | ---- | C] () -- C:\Windows\System32\drivers\VERSION.DAT
[2008.04.01 15:35:46 | 000,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2008.04.01 15:13:07 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.04.01 15:13:06 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.03.31 12:55:09 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.01.21 09:15:58 | 000,676,444 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,147,028 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,372,872 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,636,302 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,120,766 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.05.03 22:40:42 | 000,390,784 | ---- | C] () -- C:\Windows\System32\drivers\snpstd.sys
[2006.04.04 10:54:28 | 000,192,512 | ---- | C] () -- C:\Windows\System32\AegisI5.exe
[2006.04.04 10:54:28 | 000,036,864 | ---- | C] () -- C:\Windows\System32\acs.exe
[2005.10.11 20:54:48 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd.exe
[2005.02.02 02:29:12 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd.exe
[2003.01.18 00:34:40 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd.ini
[2002.09.06 11:36:16 | 000,124,416 | ---- | C] () -- C:\Windows\lame_enc.dll
[2001.11.19 21:13:36 | 000,401,408 | ---- | C] () -- C:\Windows\stepbuttons.dll
[1997.12.08 02:03:00 | 000,067,104 | ---- | C] () -- C:\Windows\Paul-setup.exe
[1996.12.14 00:00:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\WRKGADM.EXE
[1996.12.14 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\VADE232.DLL
[1996.12.14 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DLL
[1996.12.14 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1996.12.14 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
========== LOP Check ==========
[2011.05.07 09:09:07 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\.minecraft
[2011.05.02 21:33:10 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\.purple
[2009.06.07 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\Amazon
[2010.06.16 23:17:50 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\Bioshock
[2011.07.27 04:45:28 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\BitTorrent
[2010.03.20 03:11:16 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\CocoonSoftware
[2011.07.27 12:13:54 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\DAEMON Tools Lite
[2010.01.07 12:29:38 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\DataCast
[2011.05.07 12:42:01 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\FreeFLVConverter
[2010.03.19 02:08:08 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\FreeScreenToVideo
[2010.09.13 21:39:28 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\gtk-2.0
[2010.09.16 15:04:49 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\Gutscheinmieze
[2011.09.07 09:57:20 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\ICQ
[2008.07.11 17:21:06 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\ICQLite
[2010.05.21 01:26:36 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\kikin
[2009.03.16 00:57:41 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\McLoad
[2008.07.11 17:02:31 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\Miranda
[2009.01.26 18:52:11 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\MobileAction
[2010.02.21 15:18:58 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\OfficeRecovery
[2009.07.11 12:17:42 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\phonostar-Player
[2009.09.02 22:10:05 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\QIP
[2009.01.27 14:00:24 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\Simple Star
[2009.10.10 14:59:42 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\Template
[2010.02.13 03:03:33 | 000,000,000 | ---D | M] -- C:\Users\Yvi\AppData\Roaming\TuneUp Software
[2011.09.09 11:41:12 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2008.07.06 17:21:13 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009.09.24 20:45:00 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.07.26 20:05:00 | 000,000,000 | ---D | M] -- C:\codec-info
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.07.06 17:13:53 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.09.21 11:12:00 | 000,000,000 | ---D | M] -- C:\Lexmark
[2008.07.22 16:34:36 | 000,000,000 | ---D | M] -- C:\Medion
[2008.12.14 17:16:51 | 000,000,000 | ---D | M] -- C:\MISSION
[2009.12.30 01:05:48 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.04.11 14:08:14 | 000,000,000 | ---D | M] -- C:\MyWorks
[2011.07.26 20:05:37 | 000,000,000 | ---D | M] -- C:\premiumsoft
[2011.09.09 11:13:23 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.09.09 11:13:28 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2008.07.06 17:13:53 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.04.26 22:35:43 | 000,000,000 | ---D | M] -- C:\SCANJET
[2010.04.26 22:35:15 | 000,000,000 | ---D | M] -- C:\sj655
[2011.09.09 11:49:18 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.09.10 16:50:13 | 000,000,000 | ---D | M] -- C:\Temp
[2008.08.13 17:07:50 | 000,000,000 | ---D | M] -- C:\UbiSoft
[2008.07.06 17:20:40 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.06 09:40:26 | 000,000,000 | ---D | M] -- C:\Windows
[2008.09.08 18:09:57 | 000,000,000 | ---D | M] -- C:\xampp
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: REGEDIT.EXE >
[2008.01.21 04:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 04:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-07 10:45:19
========== Alternate Data Streams ==========
@Alternate Data Stream - 638 bytes -> C:\Users\Yvi\Documents\spielenachmittag_-abend (_.eml:OECustomProperty
< End of report >
--- --- --- extras:OTL Logfile: Code:
OTL Extras logfile created on: 09.09.2011 11:47:25 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Yvi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 64,88% Memory free
6,19 Gb Paging File | 5,19 Gb Available in Paging File | 83,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,75 Gb Total Space | 217,11 Gb Free Space | 48,71% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 10,66 Gb Free Space | 53,32% Space Free | Partition Type: FAT32
Drive I: | 7,76 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: YVI-PC | User Name: Yvi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11B0C170-4D3E-4220-8806-7B4DFB611ADB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{301A28D9-CC67-4FE2-8B26-D665F65D4A4C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{364F9AB9-CEAD-40C0-B336-5ED7879EDB9A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{374AA3E9-BECE-406A-BE1B-8B0FD04F1E31}" = rport=139 | protocol=6 | dir=out | app=system |
"{3C2BC6EC-0637-4601-951A-7303CCAF4A07}" = lport=139 | protocol=6 | dir=in | app=system |
"{3E6CBDD9-EE41-4F52-960B-C8F9CDDE33BA}" = lport=137 | protocol=17 | dir=in | app=system |
"{5053EE42-2E21-4FE4-8881-0601ACC88EA2}" = lport=445 | protocol=6 | dir=in | app=system |
"{6315892C-D473-49B7-8F20-1A8ED331D15E}" = rport=445 | protocol=6 | dir=out | app=system |
"{938A4075-8CAE-4F26-8D57-B74B9A2EE048}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{99D1D08F-C6D5-425A-9014-4ECB60B94255}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A96EC6AF-069F-4379-891B-A345E2474029}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BD991224-1357-49D3-8726-CF904A505482}" = lport=138 | protocol=17 | dir=in | app=system |
"{BE398DE8-3201-49E8-ADBC-F46042B97ECF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BFC98B4E-D51C-4DA4-AFF5-A028A3DE2EA9}" = rport=138 | protocol=17 | dir=out | app=system |
"{C1475E40-24B1-4FFF-A329-3E65431C3D49}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C28AB338-CAFD-46A5-BC32-145B10F172C5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D93B6D11-83F7-4271-B8E2-AB0640D0D2F6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DE938DAD-8629-4527-B9C5-5AEED97DA6A2}" = rport=137 | protocol=17 | dir=out | app=system |
"{FA8D3940-7FCB-4579-9781-02766D1A9834}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FEC9DC91-6481-4BCF-AAC1-BAADA9EC4BCA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{050D951E-4861-453B-901B-1EF29E63CF57}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{093236E9-D90F-4986-B244-F0B18590F6A0}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{117F21C4-B9E7-4DFC-8AE6-42A8806367A7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{15B796D0-5EFE-403A-A917-800241CEFE02}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{1819669A-AD67-4511-A125-B22B637B4629}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{21EEE702-1043-4380-87AF-2970844E1791}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{2A558AC9-D23D-4CD3-AC52-CD81711C0E8C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E62EB71-CB0D-4B06-9592-977E7BBF7796}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{308D2295-71F2-4777-87F5-1104A680C0DF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{38937176-D46E-4694-998C-E95BDD7375EB}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{46513B2D-194A-44AA-B067-0C8E8F02DCF7}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{50B9C9C9-A1D0-4F0C-AA50-E41C4ECEDDF3}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{57ECFFB6-EF28-401C-897A-44476F1ABD67}" = dir=in | app=c:\program files\homecinema\playmovie\playmovie.exe |
"{594004F0-2A09-483B-91BF-4D96DD6F2B66}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{63FC5AAA-6C37-42DF-AC8B-F14FB3E99E6B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{643FEC32-4A59-4FAF-A51B-99F09C40C03E}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{71D114BC-6C6E-4FC7-8DEE-3E8ED76F80BD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{801DACCE-AE80-4329-8BAD-EC6C4596EA63}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{83176666-185A-4014-8152-2B23C109B985}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{8C699785-9625-43BA-AB25-C594F590809F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{9524F062-4C15-4AF3-8582-D91DBC8CD54D}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{9C14FC8A-2BEA-41B0-AED8-DB4FBB1F4FCC}" = dir=in | app=c:\program files\homecinema\playmovie\pmvservice.exe |
"{A23348EC-8353-4649-8231-9F5AD5933B53}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{AB86E956-9CF0-48C6-BC39-EC91EE0BAFD0}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{B2A01903-1FAC-43F7-A777-2605A8DE79B8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C1542B42-FF23-4DFF-A108-8AF67F8E1BE8}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{C1EEF1A2-B250-4167-9072-CDB0E6C177D4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C2305E0C-B8F1-4AEE-B832-EC3F8934AB45}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe |
"{C5B90965-B043-49F8-8BA4-7461C5FB297E}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{C67D9EE5-7862-4C72-A75B-7BE3C586CD38}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{CBBA7441-09EC-4A30-B508-4CB710C4E265}" = protocol=17 | dir=in | app=h:\alicecd.exe |
"{CBED4B7D-6ADB-4FA3-83E9-EACB94B0B187}" = protocol=6 | dir=in | app=h:\alicecd.exe |
"{CDF15067-DE91-4CAE-A73C-F5E97415021B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D51B741C-B7F5-4FC3-BCB8-47FFCAAC9247}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe |
"{D8CE8103-5595-4C2F-99D8-CC9C951791B2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{E8C2FD35-6555-4A19-BC75-6213CC7B096D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EBF3EF6B-003A-4A6E-9FC8-EEA0C30A7FA9}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{F08C870D-303D-4F00-A6B5-C75E96C59164}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{0F45DF03-7D18-447E-936E-7FDEA313F8B6}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{21466352-AFCF-4A72-B7F3-D051827C336A}C:\program files\steam\steamapps\common\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"TCP Query User{25517D32-3BBE-4F96-AD06-27246CD5D3A8}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{3A49D631-774B-42DF-9341-387C659B1311}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{5DE6BB2A-72C3-40A2-86F8-08F592AFAF7D}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{6BA400C8-CB2B-41CF-B9CA-2A228FA4B9C5}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{6E6CD1D4-4901-4C1E-82CF-A331D2144C95}C:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\apache.exe |
"TCP Query User{764975D0-697D-49EA-BE14-C9CA57365678}C:\users\yvi\downloads\ipcurve100win32\ipcurve\ipcurve.exe" = protocol=6 | dir=in | app=c:\users\yvi\downloads\ipcurve100win32\ipcurve\ipcurve.exe |
"TCP Query User{771C3396-4F64-4140-B573-98F14F3D749F}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{7CC3CF82-1508-4F6D-8E3C-25F6F123992F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{7CF55CB3-859F-4B58-BE1C-C96A59538D6F}C:\program files\qip infium\infium.exe" = protocol=6 | dir=in | app=c:\program files\qip infium\infium.exe |
"TCP Query User{8A2E5674-4EBC-4A2C-A204-E489D7DA7E5A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{90654FFA-076A-4A6F-A317-2305C715BF36}C:\program files\java\jre1.6.0_06\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_06\bin\javaw.exe |
"TCP Query User{B0FB3946-E5DD-4E20-8215-8F646724789A}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{C41EE633-9212-412A-B674-DE95A3093775}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{DB015508-EC3B-43CD-AC65-860DAF153450}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{E194A3EF-9D0D-4CBA-B62C-DB5691C9755E}C:\program files\java\jre1.6.0_06\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_06\bin\javaw.exe |
"TCP Query User{EE253F81-E48A-4D20-8E9C-7ABE340BF2D5}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{F1632741-3E4F-454D-83F3-633240A552E3}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{167DDB5A-EA87-404C-B78E-B106B8531B1E}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{26E6A495-7922-4E96-86DC-79A2589BA61D}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{4AE1D26A-6F4F-4EB5-A2D0-C9B5F230A643}C:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\apache.exe |
"UDP Query User{5101F411-7B56-4B95-8B51-5F515D46342E}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{59A5DE72-F107-4106-90E9-451B23866882}C:\program files\qip infium\infium.exe" = protocol=17 | dir=in | app=c:\program files\qip infium\infium.exe |
"UDP Query User{5B0E64F6-545E-4396-8021-7009DFB001C4}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{6EF9A5EB-BD7F-455F-9AD0-EC862F951F12}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{775CEE26-DAA8-4EC6-A769-FE74D6F99CCB}C:\program files\steam\steamapps\common\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"UDP Query User{7AD709A3-2A29-408A-873D-14C1B13571E6}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{9B532CAD-DAF1-4BED-BFB9-C722A13D8656}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{A2C099DA-A91F-4F43-9587-3A2F59418EBC}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{B29507D8-C45E-43F9-BCF8-BFD52D230D92}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C694473C-0D09-4512-B17F-53AAE6FE1F1A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{CE1BD52C-C9E1-4C1C-97FB-DEE0BF229275}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{D7BD00A0-C1D4-410D-A592-65FEBD5FB20C}C:\users\yvi\downloads\ipcurve100win32\ipcurve\ipcurve.exe" = protocol=17 | dir=in | app=c:\users\yvi\downloads\ipcurve100win32\ipcurve\ipcurve.exe |
"UDP Query User{E9E4396A-DD90-4318-9E16-450869B8D4E4}C:\program files\java\jre1.6.0_06\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_06\bin\javaw.exe |
"UDP Query User{EEA85A52-3E76-482B-A917-6D2181392618}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{F6570E4F-22BE-43F7-AC11-6651B26FA4B2}C:\program files\java\jre1.6.0_06\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_06\bin\javaw.exe |
"UDP Query User{F70EE985-5887-4D9D-A36A-4AF01AC26FBA}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23BB5CFE-8B85-4568-9A85-68F99D19680E}" = Audio 180 %
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{289338AE-2213-4509-AED2-450414C1260C}_is1" = ICQ Update Patch 1.7
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{36BBA884-C697-48B6-B496-5F329215E249}" = BioShock Demo
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = USB PC Camera (SN9C101)
"{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}" = TVsweeper 3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{769033E4-C119-496A-8144-3F468081F8D7}" = Movavi Video Suite 8
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1}" = Siemens Data Suite
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F251952-43A3-1305-997C-5B285C76FCAD}" = ATI Catalyst Install Manager
"{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1" = MPEG Video Wizard DVD 5.0.0.104 (01/2010)
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4CF84DC-055D-469B-AFEC-FFB9E5FB770B}" = TrekStor i.Beat censo
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAF5914B-5730-4373-B038-9F436AC6A0D6}" = Rayman3
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D8D22773-14BF-4178-A683-3DBA515C2A26}" = WISO Mein Geld 2008 Professional
"{DB44F479-789A-4D76-A31E-663C5658F576}" = Mindjet MindManager 9
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F701F7AC-B6A5-4B97-8901-B6C08649FCDF}" = TrekStor i.Beat cebrax FM
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.57
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer
"Advanced MP3 Converter_is1" = Advanced MP3 Converter 2.20
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"BitTorrent" = BitTorrent
"CamStudio" = CamStudio
"Crossrider" = Crossrider Web Apps
"DAEMON Tools Lite" = DAEMON Tools Lite
"Die Sims" = Die Sims
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Doro_is1" = Doro 1.42
"Eufloria_is1" = Eufloria v2.07
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free FLV Converter_is1" = Free FLV Converter V 6.96.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free Screen To Video_is1" = Free Screen To Video V 1.2
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GTK 2.0" = GTK+ Runtime 2.12.12 rev a (nur entfernen)
"hedgewars" = Hedgewars
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP PrecisionScan LT Software" = HP PrecisionScan LT Software
"Insaniquarium Deluxe 1.0" = Insaniquarium Deluxe 1.0
"InstallShield_{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1}" = Siemens Data Suite
"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{FC321AD2-48B4-4013-B997-A65D5FBBD006}" = NETGEAR WG311T Wireless Adapter
"JDownloader" = JDownloader
"kikin Plugin (Murb.com Edition)" = kikin Plugin (Murb.com Edition) 1.11
"LetsTrade" = LetsTrade Komponenten
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"M55 USB-Handset Manager" = M55 USB-Handset Manager
"McLoad Preinstaller" = McLoad Preinstaller
"MEDION Fotos auf CD Nord D" = MEDION Fotos auf CD Nord
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.22)" = Mozilla Firefox (3.6.22)
"Mpeg Video Wizard DVD 5.0" = MPEG Video Wizard DVD 5.0.0.104 (01/2010)
"MyFreeCodec" = MyFreeCodec
"NVIDIA Drivers" = NVIDIA Drivers
"OEMaster-Daten-ExportfürOutlookExpress" = OEMaster - DBX-Reader und Daten-Export für Outlook Express
"Office8.0" = Microsoft Office 97, Professional Edition
"OpenAL" = OpenAL
"PDF-XChange 3_is1" = PDF-XChange 3
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"phonostarRadioPlayer_is1" = phonostar-Player Version 2.01.4
"Pidgin" = Pidgin
"PPTP" = Pink Panthers Gefährliche Mission
"RealPlayer 6.0" = RealPlayer
"Rmtablet" = GRAFIKABLETT MD 85637
"Siemens S55 Colour Scheme Editor_is1" = Siemens S55 Colour Scheme Editor 0.9.14
"Steam App 400" = Portal
"Steam App 620" = Portal 2
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"WinDjView" = WinDjView 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xilisoft AVI MPEG Converter" = Xilisoft AVI MPEG Converter
"Zuma Deluxe RA" = Zuma Deluxe RA
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"pdfsam" = pdfsam
"QIP Infium" = QIP Infium 2.0.9032 RC4
"QUICKMEDIACONVERTER" = QMC
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.11.2009 10:27:31 | Computer Name = Yvi-PC | Source = System Restore | ID = 8193
Description =
Error - 03.11.2009 11:27:38 | Computer Name = Yvi-PC | Source = WinMgmt | ID = 10
Description =
Error - 03.11.2009 17:08:15 | Computer Name = Yvi-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.11.2009 11:01:10 | Computer Name = Yvi-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.11.2009 13:08:54 | Computer Name = Yvi-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.11.2009 13:45:15 | Computer Name = Yvi-PC | Source = System Restore | ID = 8193
Description =
Error - 04.11.2009 16:53:49 | Computer Name = Yvi-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.11.2009 17:38:41 | Computer Name = Yvi-PC | Source = System Restore | ID = 8193
Description =
Error - 04.11.2009 17:38:53 | Computer Name = Yvi-PC | Source = System Restore | ID = 8193
Description =
Error - 04.11.2009 18:03:47 | Computer Name = Yvi-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 12.05.2010 05:15:22 | Computer Name = Yvi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 570
seconds with 360 seconds of active time. This session ended with a crash.
Error - 27.03.2011 10:18:40 | Computer Name = Yvi-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 07.09.2011 05:43:05 | Computer Name = Yvi-PC | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2.
Error - 08.09.2011 07:44:11 | Computer Name = Yvi-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =
Error - 08.09.2011 07:44:30 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 08.09.2011 07:44:30 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 08.09.2011 10:53:28 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 08.09.2011 10:53:28 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09.09.2011 05:09:40 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.09.2011 05:09:40 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09.09.2011 05:42:50 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.09.2011 05:42:50 | Computer Name = Yvi-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
--- --- --- |
