| svenphili | 08.06.2012 23:47 |
Ich weiß nich ob ich auch den Extra.Txt posten soll also mach ich es einfach
OTL.Txt Code:
OTL logfile created on: 09.06.2012 00:14:16 - Run 1
OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\Babshuhn\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 49,79% Memory free
5,72 Gb Paging File | 3,19 Gb Available in Paging File | 55,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 27,38 Gb Free Space | 28,03% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 149,79 Gb Free Space | 40,69% Space Free | Partition Type: NTFS
Computer Name: BABSHUHN-PC | User Name: Babshuhn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.09 00:11:10 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Babshuhn\Desktop\OTL.exe
PRC - [2012.05.29 17:25:52 | 001,564,880 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2012.02.28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- D:\hamachi-2.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.01 12:33:56 | 002,531,104 | ---- | M] (Emsi Software GmbH) -- C:\Programme\Online Armor\oaui.exe
PRC - [2011.11.01 12:33:54 | 004,363,040 | ---- | M] (Emsi Software GmbH) -- C:\Programme\Online Armor\oasrv.exe
PRC - [2011.11.01 12:33:52 | 001,163,800 | ---- | M] (Emsi Software GmbH) -- C:\Programme\Online Armor\oahlp.exe
PRC - [2011.11.01 12:33:52 | 000,207,936 | ---- | M] (Emsi Software GmbH) -- C:\Programme\Online Armor\oacat.exe
PRC - [2011.05.06 18:00:35 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.03.03 09:58:22 | 000,578,848 | ---- | M] (Ralink Technology, Corp.) -- C:\Programme\Ralink\Common\ApUI.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.12.15 22:49:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Programme\Ralink\Common\RaRegistry.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- D:\Sven\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) Google Update Service (gupdate)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.02.28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.01 12:33:54 | 004,363,040 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Programme\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2011.11.01 12:33:52 | 000,207,936 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Programme\Online Armor\oacat.exe -- (OAcat)
SRV - [2011.05.13 15:27:02 | 001,492,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.22 17:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.12.15 22:49:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Programme\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.11.01 12:34:28 | 000,040,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\oahlp32.sys -- (oahlpXX)
DRV - [2011.11.01 12:34:10 | 000,029,312 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OAnet.sys -- (OAnet)
DRV - [2011.11.01 12:34:08 | 000,205,864 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\OADriver.sys -- (OADevice)
DRV - [2011.11.01 12:34:08 | 000,025,192 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\System32\drivers\OAmon.sys -- (OAmon)
DRV - [2011.09.16 14:26:44 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2011.04.12 11:46:00 | 000,013,824 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)
DRV - [2011.03.09 10:44:52 | 000,020,992 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.15 19:46:50 | 000,839,456 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.05.27 02:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2007.11.18 04:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2006.11.02 09:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.08.28 23:54:56 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2001.05.07 12:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Babshuhn\Documents\Downloads
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://web.de/?kid=A1000000
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 A1 E6 4F 9D ED CA 01 [binary data]
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\..\SearchScopes,DefaultScope = {11A2F67F-1632-4092-921D-1BA4390DF1BD}
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\..\SearchScopes\{11A2F67F-1632-4092-921D-1BA4390DF1BD}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_de
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\..\SearchScopes\{1896CE0E-D8EB-4EEC-B0FF-45660A3931B0}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=d5964dd1-ea3b-4709-85b4-5d8e1ea23b60&apn_sauid=D25EA717-3534-4A75-A8BF-3CE1C51FF389
IE - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Babshuhn\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Babshuhn\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2011.12.10 23:57:20 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Babshuhn\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Babshuhn\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Babshuhn\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Babshuhn\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Dragon Age Legends: Remix 01 = C:\Users\Babshuhn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkiinhllammkfejicmjmhnanlbifccfj\3_0\
CHR - Extension: Dive Devil = C:\Users\Babshuhn\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkgadkhfjmcbhhpjncpaajbfkmdmfoik\1.1.5_0\
O1 HOSTS File: ([2012.06.07 05:03:54 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2208606510-85354491-1940852428-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\oaui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2208606510-85354491-1940852428-1002..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Babshuhn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38088DFA-7D73-446C-A4D6-DDAC57619E91}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E370BD7E-2FE4-453D-9693-B552651E152B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2208606510-85354491-1940852428-1000 Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Programme\Online Armor\oaevent.dll (Emsi Software GmbH)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - D:\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {lXTP0Cq8-0o3i-jGt0-DZTH-UrYlWXzEbjCE} -
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.06.09 00:11:09 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Babshuhn\Desktop\OTL.exe
[2012.06.08 18:35:53 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{4D914459-400B-4C1B-8FAB-EE1EDCFB3B48}
[2012.06.08 18:35:50 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{A508E5E1-1CBB-42B5-888A-4404695E1071}
[2012.06.08 18:35:35 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\Tracing
[2012.06.08 13:34:34 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Roaming\Avira
[2012.06.08 13:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.06.08 13:28:46 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\AskToolbar
[2012.06.08 13:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012.06.08 13:28:11 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\APN
[2012.06.08 13:27:58 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.06.08 13:27:56 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.06.08 13:27:55 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.06.08 13:27:55 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.06.08 13:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.06.08 13:27:54 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.06.07 23:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.07 23:07:31 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Roaming\Malwarebytes
[2012.06.07 23:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.07 23:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.07 23:06:51 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.07 23:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.07 06:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Absolutist
[2012.06.07 06:02:20 | 000,401,408 | ---- | C] (Softanics) -- C:\Windows\System32\FlashPlayerControl.dll
[2012.06.07 05:02:14 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.06.07 05:02:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.02 12:57:46 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{BCCAFFF6-9CF9-43A9-9D7F-86C1A4A666F7}
[2012.06.02 12:57:41 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{A4780F43-6FCA-412C-BEB8-391B1920B427}
[2012.06.01 15:11:07 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Roaming\default
[2012.06.01 14:56:17 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{EF0AB712-089B-456F-B059-61A855A3FC8F}
[2012.06.01 14:56:04 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{8EF4611A-C4FD-4F36-9380-885C8292C171}
[2012.05.31 12:50:51 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{6D810632-C8EF-4347-B9FC-274697F360E1}
[2012.05.31 12:50:38 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{C0983B12-5873-4A8A-99A4-7AAB55950135}
[2012.05.30 20:43:21 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{B995F5B9-0310-49F0-8C50-E101D66AED5F}
[2012.05.30 20:43:08 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{ED532FE5-809E-42AE-9BA4-664419736B86}
[2012.05.29 20:36:24 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{1364AD62-EDCF-470D-A3AC-3A8948FC46BD}
[2012.05.29 20:36:10 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{4E291171-B8C8-4C64-B612-449F8BA96DAC}
[2012.05.28 13:57:35 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{AD09B6F7-BFCF-4E07-B91D-3F78E99FEC1C}
[2012.05.28 13:57:22 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{6ABD3E6C-7FCD-49A3-9056-CEC699D540C5}
[2012.05.28 07:01:12 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Roaming\Skype
[2012.05.28 07:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.05.27 20:09:36 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{15519562-624E-4D14-892A-295B906CD333}
[2012.05.27 20:09:23 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{B6E53676-E61B-430A-A08D-09271253770E}
[2012.05.27 13:20:58 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{2E236D8D-2F57-4CD2-9C5F-6DC791A0A64D}
[2012.05.27 13:20:54 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{8C1FE9E1-8A8A-43E5-8D7A-BF07C873F951}
[2012.05.26 23:55:47 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{94F8234A-55A1-42FC-BEE8-E9234375BC5E}
[2012.05.26 23:55:45 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{3163DBF1-8E7D-49B6-A704-8041BB7C4753}
[2012.05.26 14:11:35 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{4F167AE3-902D-4B15-B3E8-A51E57943FB6}
[2012.05.26 14:11:22 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{692C17F6-9CAE-4337-B573-F95F6EABB0D4}
[2012.05.26 00:07:59 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{0394DD1A-662F-4653-971E-E1019A475EF6}
[2012.05.26 00:07:44 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{FF805D10-FD66-43DF-BCB5-C032A3C9CE7A}
[2012.05.24 16:47:15 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{1B2AA023-2CF1-4096-AE7B-5F1614243D1C}
[2012.05.24 16:46:58 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{8BAD346D-FDD4-4AA9-ADE8-05CBA7CA5D52}
[2012.05.23 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{371B2FCD-3070-48BC-A781-8E50269BC63D}
[2012.05.23 20:50:17 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{18FC7042-C4B0-4593-A1AF-8B970C52FFCB}
[2012.05.23 15:01:19 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{0B341903-D0D8-440F-B8FC-4FA092411F94}
[2012.05.23 15:01:06 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{E02216DD-4C7A-4AC9-B004-10DD9FF5F9AD}
[2012.05.22 14:22:34 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{EE905C5E-3986-4651-81C9-F075B0CEE290}
[2012.05.22 14:22:21 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{51917E96-CD6F-4D84-8AE5-9CDBE37A3D9D}
[2012.05.21 17:12:25 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{920A164B-4185-47BC-B167-65BC237106E8}
[2012.05.21 17:12:11 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{D1AF6502-4C46-4BC1-B083-C8BFB04A0C07}
[2012.05.20 12:50:08 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{B9FB16EA-0FE4-4304-A362-B1B7B2BE9DCD}
[2012.05.20 12:49:55 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{8F922D8A-C60D-4629-A791-09B85488E940}
[2012.05.19 17:58:59 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{1985CB14-B8CA-4007-95C4-5EF12248D375}
[2012.05.19 17:58:46 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{97492168-21A6-4D7F-B867-F2AF8FF2BFDF}
[2012.05.19 14:39:19 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{3063D913-E739-4D05-9439-981D9A61DCA1}
[2012.05.19 14:39:06 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{06463D3B-B56B-4E36-AF7C-4ED2172C1395}
[2012.05.18 19:52:26 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{A3EC9C98-F35B-4FFC-860F-BBF79CB15535}
[2012.05.18 19:52:12 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{2F530367-9E3C-463A-B7C8-4F8A34C13444}
[2012.05.18 01:00:49 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{2A8EC0AA-7A30-4C47-A97C-BC5F0EF00B53}
[2012.05.18 01:00:36 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{74CF76FC-E258-4300-915D-54F884FE6FF6}
[2012.05.16 18:36:21 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{0945BCFB-188D-44F0-9B48-F843A9A299C2}
[2012.05.16 18:36:08 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{F81CAD5D-4BD0-4FAA-856C-E8CA377F057B}
[2012.05.15 18:25:24 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{1FD601E8-B20D-4176-9E19-9AC81BD7A47A}
[2012.05.15 18:25:10 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{121B87ED-B60F-4F6D-BB8C-9E2606F650A7}
[2012.05.15 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{2DC6C098-1F11-4E21-A804-4651CA758DE7}
[2012.05.15 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{5FD5657E-9D8A-4486-B3DE-180E10375349}
[2012.05.14 17:03:30 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{7FCC66AC-366C-40FA-80E8-632BC4779E27}
[2012.05.14 17:03:17 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{E6C5F716-3E44-4AE5-8D29-7A7BD462FEE6}
[2012.05.13 19:02:58 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{0F869602-D0A0-4BC1-8FAA-F84AE8DCA348}
[2012.05.13 19:02:45 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{987095B2-A660-4B7D-818B-A2785F8025DB}
[2012.05.13 13:17:02 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{7FADEF57-F9D4-41BB-A728-5C435D26B061}
[2012.05.13 13:16:49 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{FC67C8C6-EF16-4A60-BB2D-88767569C8C0}
[2012.05.13 07:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.05.12 20:41:33 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{DD671A9B-6825-4962-894C-881BDED10A6F}
[2012.05.12 20:41:20 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{60D2F367-0880-497B-A27A-3DC470B0D6A8}
[2012.05.12 14:23:01 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{014A9E1B-0167-45FA-91AD-9144802F0C46}
[2012.05.12 14:22:47 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{5A41DB86-4A84-4FA2-89B1-9FA39ED6D042}
[2012.05.11 12:36:36 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{6F11FEC7-1D2C-4445-A4AD-0DCF4AB56C57}
[2012.05.11 12:36:23 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{83D8367E-96FF-48CE-B7F4-B0C18C3C8A9D}
[2012.05.10 23:33:03 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{0E08BB13-CCC8-4AAF-868C-650849745898}
[2012.05.10 23:32:50 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{CEDDC7F3-E62C-4820-AD9A-93C24E32CD3F}
[2012.05.10 16:41:44 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{601D9B64-BF8E-4273-B9B8-8D6878A3C76F}
[2012.05.10 16:41:31 | 000,000,000 | ---D | C] -- C:\Users\Babshuhn\AppData\Local\{33F19A1E-7878-4049-A85D-4F495B6F52EA}
[1 C:\Users\Babshuhn\AppData\Roaming\*.tmp files -> C:\Users\Babshuhn\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.09 00:11:10 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Babshuhn\Desktop\OTL.exe
[2012.06.08 23:52:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.08 23:31:01 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2208606510-85354491-1940852428-1000UA.job
[2012.06.08 22:53:05 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.08 22:53:05 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.08 21:52:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.08 15:43:02 | 000,471,040 | ---- | M] () -- C:\Users\Babshuhn\Desktop\Unleashed Launcher.exe
[2012.06.08 14:59:27 | 000,630,648 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.08 14:59:27 | 000,597,942 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.08 14:59:27 | 000,127,292 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.08 14:59:27 | 000,104,916 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.08 14:54:05 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.06.08 14:53:24 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.06.08 14:53:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.08 13:31:02 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2208606510-85354491-1940852428-1000Core.job
[2012.06.08 13:29:21 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.06.07 23:13:41 | 000,000,104 | ---- | M] () -- C:\Users\Babshuhn\Desktop\Internet - Verknüpfung.lnk
[2012.06.07 23:07:07 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.07 06:02:21 | 000,000,788 | ---- | M] () -- C:\Users\Babshuhn\Desktop\Bubble Shooter.lnk
[2012.06.07 05:03:54 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.06.02 18:36:33 | 000,064,512 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2012.05.22 22:27:47 | 000,000,483 | ---- | M] () -- C:\Users\Babshuhn\Desktop\MrFishIt.config.xml
[2012.05.13 07:04:42 | 000,000,750 | ---- | M] () -- C:\Users\Babshuhn\Desktop\GameHouse Sudoku.lnk
[2012.05.12 08:48:30 | 000,254,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.11 00:23:29 | 000,001,356 | ---- | M] () -- C:\Users\Babshuhn\AppData\Local\d3d9caps.dat
[1 C:\Users\Babshuhn\AppData\Roaming\*.tmp files -> C:\Users\Babshuhn\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.08 17:55:34 | 000,471,040 | ---- | C] () -- C:\Users\Babshuhn\Desktop\Unleashed Launcher.exe
[2012.06.08 13:29:21 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.06.07 23:13:41 | 000,000,104 | ---- | C] () -- C:\Users\Babshuhn\Desktop\Internet - Verknüpfung.lnk
[2012.06.07 23:07:07 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.07 06:02:21 | 000,000,788 | ---- | C] () -- C:\Users\Babshuhn\Desktop\Bubble Shooter.lnk
[2012.06.07 06:02:20 | 001,552,384 | ---- | C] () -- C:\Windows\System32\bshooter.scr
[2012.05.22 22:27:47 | 000,000,483 | ---- | C] () -- C:\Users\Babshuhn\Desktop\MrFishIt.config.xml
[2012.05.13 07:04:42 | 000,000,750 | ---- | C] () -- C:\Users\Babshuhn\Desktop\GameHouse Sudoku.lnk
[2012.01.27 10:35:36 | 000,205,864 | ---- | C] () -- C:\Windows\System32\drivers\OADriver.sys
[2012.01.27 10:35:36 | 000,040,296 | ---- | C] () -- C:\Windows\System32\drivers\oahlp32.sys
[2011.10.23 13:30:50 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.09.16 13:44:34 | 000,016,622 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2011.04.09 19:19:45 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.07.19 14:41:51 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.07.19 14:41:51 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.07.13 17:34:10 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010.07.13 17:33:56 | 000,147,456 | ---- | C] () -- C:\Windows\System32\DiagFunc.dll
[2010.07.13 17:33:56 | 000,000,451 | ---- | C] () -- C:\Windows\System32\DiagFunc.ini
[2010.07.13 17:33:56 | 000,000,072 | ---- | C] () -- C:\Windows\System32\RaCertMgr.ini
[2010.07.13 14:22:17 | 000,258,048 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2010.06.11 21:23:21 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
========== LOP Check ==========
[2012.03.20 19:30:30 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\.minecraft
[2011.05.25 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\1morebee
[2012.04.15 08:19:25 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Alawar
[2012.02.24 15:05:34 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Alawar Entertainment
[2011.11.17 12:40:32 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\aliasworlds
[2011.07.13 17:34:49 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Arkadium
[2011.08.21 07:13:12 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Artifex Mundi
[2011.07.08 09:15:39 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Babylon
[2010.12.29 08:39:46 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Boolat Games
[2010.04.09 14:27:44 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Datel
[2012.06.07 05:02:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\default
[2011.07.14 15:07:38 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\DivoGames
[2012.04.26 07:53:58 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Gamehouse All My Gods
[2010.08.14 12:08:29 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\GamesCafe
[2010.05.19 18:35:22 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\GOA
[2011.06.24 05:46:58 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Green Clover Games
[2010.08.28 07:23:14 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\IBAGroup
[2011.06.11 07:18:44 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ICQ
[2011.07.03 18:25:28 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\IrfanView
[2011.06.25 21:53:30 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Islands
[2011.09.25 07:35:35 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Islands2
[2012.03.22 13:04:30 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Islands3
[2011.01.31 11:18:15 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Jane s Hotel 3
[2012.04.28 21:40:18 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\LolClient
[2012.04.07 12:04:00 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Meridian93
[2011.06.16 16:54:36 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\NevoSoft
[2011.05.08 08:28:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\NevoSoft Games
[2011.05.25 19:28:34 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Nevosoft-Breeze
[2012.01.27 10:38:46 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\OnlineArmor
[2011.09.11 13:04:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\OpenCandy
[2010.04.20 09:30:48 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\OpenOffice.org
[2011.09.02 07:03:08 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PathToSuccess
[2010.07.19 16:10:45 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PC Suite
[2011.10.01 11:26:05 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PeaceCraft3
[2010.04.04 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PeerNetworking
[2012.04.11 23:21:00 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Petroglyph
[2012.06.01 07:38:23 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PlayFirst
[2012.01.26 16:22:57 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Sahmon Games
[2012.01.03 12:40:17 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Samsung
[2011.04.10 00:28:45 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Settlement. Colossus
[2010.05.14 07:58:42 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ShinyTales
[2012.01.03 12:20:58 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Sierra
[2010.04.28 17:22:42 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Sierra Entertainment
[2010.06.04 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Skip-Bo
[2011.06.23 19:14:29 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Tobit
[2012.06.07 05:02:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\toolplugin
[2011.08.13 21:42:00 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\TS3Client
[2011.08.13 19:33:23 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ts3overlay
[2011.06.01 12:34:59 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\UAs
[2010.06.11 20:23:21 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Ubisoft
[2011.08.16 13:54:03 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\UltimateZip
[2011.12.21 18:06:23 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ValuSoft
[2010.07.27 13:28:10 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Virtual City
[2010.12.15 16:51:16 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Windows Live Writer
[2011.12.10 09:03:15 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\World-Loom
[2011.10.19 23:27:36 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\www.rene-zeidler.de
[2011.06.01 14:50:10 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\xmldm
[2011.05.04 07:51:56 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\YoudaGames
[2011.02.02 16:17:54 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Zylom
[2012.06.08 14:20:59 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.03.20 19:30:30 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\.minecraft
[2011.05.25 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\1morebee
[2011.11.28 11:38:05 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Adobe
[2012.04.15 08:19:25 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Alawar
[2012.02.24 15:05:34 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Alawar Entertainment
[2011.11.17 12:40:32 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\aliasworlds
[2011.10.29 20:09:06 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Apple Computer
[2011.07.13 17:34:49 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Arkadium
[2011.08.21 07:13:12 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Artifex Mundi
[2012.06.08 13:34:34 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Avira
[2011.07.08 09:15:39 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Babylon
[2010.12.29 08:39:46 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Boolat Games
[2010.04.09 14:27:44 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Datel
[2012.06.07 05:02:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\default
[2011.07.14 15:07:38 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\DivoGames
[2012.04.26 07:53:58 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Gamehouse All My Gods
[2010.08.14 12:08:29 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\GamesCafe
[2010.05.19 18:35:22 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\GOA
[2011.06.24 05:46:58 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Green Clover Games
[2010.08.28 07:23:14 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\IBAGroup
[2011.06.11 07:18:44 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ICQ
[2011.02.02 16:17:54 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Identities
[2010.04.18 15:53:03 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\InstallShield
[2011.07.03 18:25:28 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\IrfanView
[2011.06.25 21:53:30 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Islands
[2011.09.25 07:35:35 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Islands2
[2012.03.22 13:04:30 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Islands3
[2011.01.31 11:18:15 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Jane s Hotel 3
[2012.04.28 21:40:18 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\LolClient
[2010.07.29 15:16:27 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Macromedia
[2012.06.07 23:07:31 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Media Center Programs
[2012.04.07 12:04:00 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Meridian93
[2011.11.28 11:38:05 | 000,000,000 | --SD | M] -- C:\Users\Babshuhn\AppData\Roaming\Microsoft
[2012.04.20 18:31:07 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Mozilla
[2011.06.16 16:54:36 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\NevoSoft
[2011.05.08 08:28:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\NevoSoft Games
[2011.05.25 19:28:34 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Nevosoft-Breeze
[2012.02.26 19:43:35 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\NVIDIA
[2012.01.27 10:38:46 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\OnlineArmor
[2011.09.11 13:04:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\OpenCandy
[2010.04.20 09:30:48 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\OpenOffice.org
[2011.09.02 07:03:08 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PathToSuccess
[2010.07.19 16:10:45 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PC Suite
[2011.10.01 11:26:05 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PeaceCraft3
[2010.04.04 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PeerNetworking
[2012.04.11 23:21:00 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Petroglyph
[2012.06.01 07:38:23 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\PlayFirst
[2011.02.20 18:13:02 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Realore_Whiterra Roads Of Rome
[2011.03.24 21:17:37 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Realore_Whiterra Roads Of Rome 2
[2011.11.04 14:41:00 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
[2012.01.26 16:22:57 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Sahmon Games
[2012.01.03 12:40:17 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Samsung
[2011.04.10 00:28:45 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Settlement. Colossus
[2010.05.14 07:58:42 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ShinyTales
[2012.01.03 12:20:58 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Sierra
[2010.04.28 17:22:42 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Sierra Entertainment
[2010.06.04 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Skip-Bo
[2012.05.29 06:18:08 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Skype
[2012.06.08 07:17:57 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Sun
[2011.06.23 19:14:29 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Tobit
[2012.06.07 05:02:13 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\toolplugin
[2011.08.13 21:42:00 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\TS3Client
[2011.08.13 19:33:23 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ts3overlay
[2011.06.01 12:34:59 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\UAs
[2010.06.11 20:23:21 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Ubisoft
[2011.08.16 13:54:03 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\UltimateZip
[2011.12.21 18:06:23 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\ValuSoft
[2010.07.27 13:28:10 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Virtual City
[2010.04.20 09:36:41 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Winamp
[2010.12.15 16:51:16 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Windows Live Writer
[2011.08.16 19:24:28 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\WinRAR
[2011.12.10 09:03:15 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\World-Loom
[2011.10.19 23:27:36 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\www.rene-zeidler.de
[2011.06.01 14:50:10 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\xmldm
[2011.05.04 07:51:56 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\YoudaGames
[2011.02.02 16:17:54 | 000,000,000 | ---D | M] -- C:\Users\Babshuhn\AppData\Roaming\Zylom
< %APPDATA%\*.exe /s >
[2012.03.31 13:20:00 | 000,117,427 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Babshuhn\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\digitaleditions\digitaleditions.exe
[2010.10.16 23:46:42 | 000,107,008 | R--- | M] () -- C:\Users\Babshuhn\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A1.exe
[2010.10.16 23:46:42 | 000,004,608 | R--- | M] () -- C:\Users\Babshuhn\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A2.exe
[2010.10.16 23:46:42 | 000,106,496 | R--- | M] () -- C:\Users\Babshuhn\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A3.exe
[2010.10.16 23:46:42 | 000,107,008 | R--- | M] () -- C:\Users\Babshuhn\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A4.exe
[2010.10.16 23:46:42 | 000,210,432 | R--- | M] () -- C:\Users\Babshuhn\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A5.exe
[2011.09.11 13:04:13 | 000,000,000 | ---- | M] () -- C:\Users\Babshuhn\AppData\Roaming\OpenCandy\OpenCandy_AD5C917A06F340D890F968515A411092\LatestDLMgr.exe
< %SYSTEMDRIVE%\*.exe >
[2011.07.13 04:55:05 | 002,237,440 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.06 18:00:34 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.06 18:00:34 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
< >
< End of report >
Extras.Txt Code:
OTL Extras logfile created on: 09.06.2012 00:14:16 - Run 1
OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\Babshuhn\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 49,79% Memory free
5,72 Gb Paging File | 3,19 Gb Available in Paging File | 55,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 27,38 Gb Free Space | 28,03% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 149,79 Gb Free Space | 40,69% Space Free | Partition Type: NTFS
Computer Name: BABSHUHN-PC | User Name: Babshuhn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F06D97-547F-4041-9520-0340037C01ED}" = rport=137 | protocol=17 | dir=out | app=system |
"{0B4E13E1-BF82-4D44-B6FE-BCBC59846D4E}" = rport=5357 | protocol=6 | dir=out | app=system |
"{13C247C6-EF66-4849-92BB-872B7BADED32}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{14949907-8DF3-41EB-8845-F8EA972DE76C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{1E0BD018-7022-4051-991D-FCC0849ADA99}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{2C1A270F-B78B-46CF-A8CC-088EA6047209}" = rport=2869 | protocol=6 | dir=out | app=system |
"{2F51BA65-D2C5-4799-BD20-6A4E6F0F48DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{31408C91-761C-4BE7-8C60-6960657FF6D1}" = lport=2345 | protocol=6 | dir=in | name=hund |
"{34CA2B13-DAAE-420B-8C27-617AC87D8CE0}" = lport=138 | protocol=17 | dir=in | app=system |
"{36E2FE50-41EB-494E-AFEB-29A530D46D36}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{37F3359D-E50A-4906-84DF-92B9CDC7B083}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{4176FC27-D757-4745-AB2E-E08CF8A18236}" = lport=5357 | protocol=6 | dir=in | app=system |
"{47AF7B91-1D83-4DDF-9AC8-E0F268EC360D}" = rport=139 | protocol=6 | dir=out | app=system |
"{54CC9D89-FD27-41E1-A846-FB43FC43FBC2}" = lport=139 | protocol=6 | dir=in | app=system |
"{629E0DC2-B265-4567-A91A-3B0E25A87DA7}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{66939384-5368-41AD-810F-9000843D6A05}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{6AE0EB47-CC8D-4A27-8084-BA549127EB0A}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{6BADDE29-62A3-4109-BD55-36E5C8472A9A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{706F6B2A-F86C-4894-A5A2-A81D86386913}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{70D0FAC0-DD0E-4A22-B145-97AA46D90410}" = lport=445 | protocol=6 | dir=in | app=system |
"{756E2669-EDA7-47DD-A1C2-E5CAC5120DD9}" = rport=445 | protocol=6 | dir=out | app=system |
"{76E2761B-3BC7-4040-A0CD-A3F60D54FA7E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{79B437F8-0D4A-4343-9F72-37D5A2B78908}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7B85056B-3398-4F0A-9D52-5638C016B6B6}" = rport=138 | protocol=17 | dir=out | app=system |
"{7C49BC08-B0F1-4C67-BEE2-51446FF3E688}" = lport=2345 | protocol=17 | dir=in | name=hund |
"{7E1DF3E4-9A01-4E2D-BB1C-C617954FB7A1}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{7E51C722-2E54-49A4-8828-95DF5B59956A}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{7F88D781-A9D1-4F5E-96B6-5272CB451BDE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{81082BE5-7C96-4ED4-AE46-C386AB8F4863}" = lport=2869 | protocol=6 | dir=in | app=system |
"{83CFE03E-5CB0-486B-9EEC-826EEE7DDA64}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{931357F3-A795-4C01-BC27-813F03B4E213}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A06A2930-AFA9-43DA-B49D-47EEFD1AFAE6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A71592FB-822B-4693-A0E0-94A1B300E7CD}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A9D49F07-4F1B-4E4E-9E24-13E1F635545B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AC000537-DE99-4377-91E9-3B72301E3427}" = lport=5358 | protocol=6 | dir=in | app=system |
"{B0A0752C-0925-41DE-90BC-E0BB5D465B0D}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{B2A1888F-295D-458F-A667-4840F857F229}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE8D4F3F-970C-4D3C-8B02-C6176D861074}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{C64018E9-5FBE-4106-A4CE-C8F6E8C690E3}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{C80B2A75-F1CE-4B67-B854-2FAE9ED1F3AC}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CEC9C14C-A028-4439-8C16-B1FC5610EF45}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{D5A12975-3487-43E5-8A84-94751BE4D699}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{D63BD95A-D7E5-41B6-88C7-8F5A8F0FC142}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DBB5DB82-E107-4C71-811E-163DF8405B77}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{E06F6393-04A5-4F78-B633-32CEADF1CA8C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E6340EA7-6B59-4744-925C-7FCD890B23A0}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{EA211B31-DCC3-4396-AE29-5C8D120D9BED}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F1B832BF-36EB-4FDE-BF49-4971903FE06D}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{F89801FB-96B9-4555-BB6C-F6060D89479E}" = lport=137 | protocol=17 | dir=in | app=system |
"{F8C14BC1-F59C-40F2-98FD-C4E3BD0A624A}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{FADB32BF-20E4-419E-AEFE-3C6887AA6ACB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC92394A-8765-4412-B7F2-941745643BB6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FE5090BF-104C-48A1-BE8D-55E4984E3A29}" = rport=5358 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FC0863-2062-4A30-B264-66D443A5AA7B}" = protocol=17 | dir=in | app=c:\program files\tobit radio.fx\server\rfx-server.exe |
"{04BF0601-8DD0-4851-8D32-80586A5C9105}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{0614AAC7-A6EB-4B9C-AB79-15324612A357}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{06E597CB-7CA1-4DE7-80FB-9FDBFB9B18AA}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{08AC8C3E-7AA8-476F-9FB6-C31333B01C5E}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe |
"{0C33E27E-52A5-4DEC-847B-872846B29F1F}" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{0C8AAE2F-245A-4FF0-9329-92C71FA9CB0C}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{106F76B2-E6ED-49DB-98FD-9E983CDC742F}" = protocol=17 | dir=in | app=d:\sven\world of warcraft\launcher.patch.exe |
"{10C8831C-8A77-472F-8E14-11854BC12DD5}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{13D94804-4372-4519-9EAD-6C87D073A5F7}" = protocol=6 | dir=in | app=d:\sven\sven\spartan.exe |
"{159B8DAC-6A4F-4330-92D1-375180481F61}" = protocol=6 | dir=in | app=c:\zylom games\farm craft\farmcraft.exe |
"{1857DC83-B3A7-4EE5-AF5E-7736F85C05D8}" = protocol=6 | dir=in | app=d:\sven\strongholdlegends.exe |
"{1B46C6D6-EFC0-45C9-89C6-DA60665075AF}" = protocol=6 | dir=in | app=c:\users\babshuhn\appdata\local\temp\blizzard installer bootstrap - 00fdaad4\installer.exe |
"{24B1FDEC-D8BA-4226-8EC5-A4C22570E4FD}" = protocol=17 | dir=in | app=c:\zylom games\farm craft\farmcraft.exe |
"{293A15C1-F1E9-4B5D-93DF-F620F13B1966}" = protocol=17 | dir=in | app=d:\sven\world of warcraft\launcher.exe |
"{2988B52C-4B8D-4307-B100-D4BBC2D9A41F}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{2D00C489-035D-4DDC-98EA-7D5F38DB48ED}" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{2F9A19A6-FE1B-41CD-8E7E-F4888EBBA44B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{33FAB84D-D866-4751-95BD-DDD32363D7BD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{361A7350-8FB0-44AA-A7B7-D7C0CB444FF1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{3B172D46-4048-4FCE-B7B2-2027A16899FB}" = protocol=6 | dir=in | app=d:\sven\world of warcraft\launcher.patch.exe |
"{3C566491-017A-4805-8750-ED20925C8A70}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{3F6871A2-87F7-4C47-96B0-F994C1F58B3F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{440C366C-EC52-4804-AA80-D0010CE9E697}" = protocol=6 | dir=in | app=c:\users\babshuhn\appdata\local\temp\blizzard installer bootstrap - 000e0a7b\installer.exe |
"{44A22047-1F12-426A-AA40-378B20385EC0}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{45B820D7-7F1F-4154-8B07-6ED6EF105872}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{4A3AB8B4-F549-405F-8B1A-A960A1FFE7BF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{4E169933-CCD0-4FC8-9819-B3962B3E54F3}" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{4F9795FF-CBA0-4B22-935A-D945D82445E3}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{4FF5F435-0838-4CFD-8FAE-3B595F119541}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{526DF43B-C0D0-4660-94C0-B8DEE649F7F9}" = protocol=17 | dir=in | app=d:\sven\sven\spartan.exe |
"{5BD3DEE9-CF39-4075-85CA-3BE94C951110}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{5EFD9432-2773-4357-B0E1-E4A69B6C5968}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{5F6BC138-47FE-40BF-B51D-FA0EC8037A60}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5FFDAF6C-0911-4A91-AB4D-9727C4A7D8A6}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{61152E7F-D044-4057-A0D3-102DB51E2FF0}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{62F68CA6-2EAD-4791-8A1A-2B149DC893E8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{63F87D3C-AF7A-4096-9BE2-DF3E13F09768}" = protocol=17 | dir=in | app=c:\users\babshuhn\appdata\local\temp\blizzard installer bootstrap - 00fdaad4\installer.exe |
"{666269BF-2ABF-4D15-98B3-C6B08935D439}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{68E73738-A748-4EA2-ACFA-EB1469E76EE2}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\warcraft iii.exe |
"{6B3F4F3D-16CE-4661-BE90-3B1F35345138}" = protocol=17 | dir=in | app=c:\users\babshuhn\documents\downloads\facemoods.exe |
"{6F986592-8E1B-40D7-B972-D7725FB86AA2}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe |
"{70E149EC-7928-4662-9F68-AA9FD76263AD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{7498B0D0-96A4-492B-84CD-7445EC3D5FA7}" = protocol=6 | dir=in | app=c:\users\babshuhn\appdata\local\temp\blizzard installer bootstrap - 007deca1\installer.exe |
"{75517B0D-9444-402B-904B-BCEF3D7957D6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{77E9D8CD-D8AD-4274-8AB9-639566C3FBF8}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{77FF7A2E-B1AD-4143-9AF1-790181C57C77}" = protocol=17 | dir=in | app=c:\users\babshuhn\appdata\local\temp\blizzard installer bootstrap - 007deca1\installer.exe |
"{79B1868C-24D6-4E38-AD1F-A2AF9C1016EE}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
"{7AAAC083-BF97-4EB4-B4D1-4CA3BF21A30B}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{8094F2C3-F0E1-40D5-B743-C8C66D1FD9E9}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{833A5FBE-0600-41AA-812D-3BC3FAED316E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{835E4B29-6744-46F3-9224-3ADEB2B370F6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{850F880E-E540-4389-B4EA-62B7141B38FE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8A12C8ED-7942-4412-A340-BAEF2C071D42}" = protocol=6 | dir=in | app=c:\program files\tobit radio.fx\client\rfx-client.exe |
"{8E360C04-2C41-4966-A080-EDF533AD4D7A}" = protocol=6 | dir=in | app=c:\users\babshuhn\documents\downloads\facemoods.exe |
"{9157542F-5332-4D65-9928-1AD30539603C}" = protocol=17 | dir=in | app=c:\program files\tobit radio.fx\client\rfx-client.exe |
"{94494E2A-7B4A-4D04-AC88-4F6BB0361243}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{94E9E39F-730C-4D5E-9639-A6529B78E76B}" = protocol=17 | dir=in | app=c:\users\babshuhn\appdata\local\microsoft\windows\temporary internet files\content.ie5\rqfv8t38\sweetimsetup[1].exe |
"{9622AA7C-3780-4F0D-8D26-93585EFC4772}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{981A94DB-76BD-4FF6-BFE2-08AFAFB00CC7}" = protocol=17 | dir=in | app=c:\users\babshuhn\appdata\local\temp\blizzard installer bootstrap - 000e0a7b\installer.exe |
"{99EE3FD1-42C5-43CD-A75A-DB82B87F1604}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{9BF7171B-1684-4E37-AAD0-72132DFEE658}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{9E78385C-0C45-44DE-93BE-ECD791A2A54C}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{AB347BE8-7E35-45C6-81D8-2EC0C0EC5B00}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AF397F0C-66AD-4B23-B727-4E619F41E0C8}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{AF8E381F-DECE-4CF3-B412-5E0C38ABAEDB}" = protocol=6 | dir=in | app=d:\sven\world of warcraft\launcher.exe |
"{AFB3FA7E-D1B6-4701-897F-8BE5560DB524}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\warcraft iii.exe |
"{B9185D01-4136-4755-82C1-5F4004F22038}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{BF92D9F5-69DB-4230-AED3-5D3A728E5FB9}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{C30514BE-894A-4835-AFAA-1085C80A2FA6}" = protocol=6 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe |
"{C35045FF-A4D8-4C66-8604-C39B30FB6C41}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{C55895BB-0C00-4827-ACAD-D326CE666525}" = protocol=6 | dir=in | app=c:\program files\tobit radio.fx\server\rfx-server.exe |
"{C7370D58-C531-4391-B6BD-337BC733C435}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{D42D60A0-40B3-4B79-BF2C-625BED911D2A}" = protocol=17 | dir=in | app=c:\program files\datel\action replay code manager\actionreplaycodemanager.exe |
"{D488E16D-E492-4BA1-AE2E-0A165597D648}" = protocol=17 | dir=in | app=c:\users\babshuhn\downloads\facemoods.exe |
"{D4B667A1-3F85-4408-BF3B-A2E970B2A457}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{D74B1A4D-425C-4E11-A60F-455673233442}" = protocol=17 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe |
"{DBE38421-A173-4FEB-89E5-CC917E0DEE74}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{DE0EA941-4431-43B1-BD0D-5939060CF79F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{DFA0DCFA-5AFE-4749-9DFA-DBA246F9F032}" = protocol=6 | dir=in | app=c:\users\babshuhn\downloads\facemoods.exe |
"{E391A814-8238-4B01-95AC-F17B74DFFB18}" = protocol=6 | dir=in | app=c:\program files\datel\action replay code manager\actionreplaycodemanager.exe |
"{E8ED2ECD-4AD0-4FBB-A09E-50D5930DA6F3}" = protocol=17 | dir=in | app=d:\sven\strongholdlegends.exe |
"{EA06FF01-C568-41B3-BD3B-E9C70AD6A80B}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
"{EC6025F1-352C-4288-96DE-0864555CF201}" = protocol=6 | dir=in | app=c:\users\babshuhn\appdata\local\microsoft\windows\temporary internet files\content.ie5\rqfv8t38\sweetimsetup[1].exe |
"{ED044D13-1D43-4ED8-9DC4-F811DF97DFF6}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{F24FD6CD-94E9-402A-B742-FC1C2E6F305D}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{F459D4DC-F7E3-4763-B569-E0CBD0EA62DB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F64B7312-BAFA-4063-996B-A37FEA7F7053}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FD0BF110-F303-4C2D-8330-52278F63D751}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FE861123-530B-4A15-9487-79D253E6A8C1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{11D7AEEB-4345-40AD-A332-6E3E036CDD27}D:\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{174DD8F0-E6F8-4194-9A33-951EDB7D35C5}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{1E3F4DE6-BC21-4CCF-94AB-096CAF9129EB}D:\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{2DC4A815-8E5A-4176-9060-7B62F054C6EC}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{31A00C70-C1FA-4C8D-8584-040F1A688DE7}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{35B2751B-07B0-42F9-9D00-1C487FB37894}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe |
"TCP Query User{41D95333-88F0-4AD3-BF03-D8B6FEFA5F73}C:\program files\the games company\empire earth ultimate edition\empire earth i zde\ee-aoc.exe" = protocol=6 | dir=in | app=c:\program files\the games company\empire earth ultimate edition\empire earth i zde\ee-aoc.exe |
"TCP Query User{75309F62-20DA-4BD3-9ECA-A7F53433154A}D:\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{81678C21-A8AF-4D57-8FAC-76A60A0DB62D}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{85E851F4-1007-4853-A7AB-8174B7D7434F}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{AEAF56E2-3D88-4BDC-84CE-D243286EA0CF}D:\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{B3C70786-5562-4C69-969E-9D2861008FC8}D:\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{BDCC5284-B9E0-48A8-A363-8CC5E1ED248B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{D57C7CB1-02CD-48F7-9AB2-EF8BC601FA36}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{DCE9C1DB-CD95-4F66-AE13-3ADD62730140}C:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"TCP Query User{E09E1425-A5FB-40B1-AF09-0507DE1ADD24}D:\starcraft ii\versions\base19132\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19132\sc2.exe |
"TCP Query User{ECF45331-D8EC-489F-8A21-8BE457968AB4}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{F6B34C05-C1DB-42B9-BCE3-5E1C51536DC0}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{033D013D-7F16-4702-9C44-FADE38D649EC}D:\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{0CFD9193-89CB-4634-8C8D-8A9378658344}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{42E5163B-B1D8-4F39-9A7C-E7ADF2628F1A}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{63F8CF01-C749-45A9-9ABA-AAE9F5D1B0FE}C:\program files\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16561\sc2.exe |
"UDP Query User{64B2FD00-4545-4B3B-A83A-F613349F491C}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{66A659CF-1F85-4BC9-B5DC-BCC2DC43C83A}D:\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{760F7712-FBF7-472C-955A-60271A00F3E0}C:\program files\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{8367010C-F2C7-4688-BA3D-743B42E258B7}D:\starcraft ii\versions\base19132\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19132\sc2.exe |
"UDP Query User{A6EC9105-F42A-4EBB-86C7-A5672D3AAAB3}D:\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{AC006146-25C4-478E-BBAB-60CB8579BC46}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{B88972FD-270A-4555-973A-2EA2270A9A7F}C:\program files\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16605\sc2.exe |
"UDP Query User{B949043B-C9F8-42C9-BDC3-B5BE3883D53A}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{C7CCEC19-A9D8-4344-B498-623811FAF011}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{CA07D310-7FAD-4025-BC78-1F2028C92C14}D:\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{CBFE6B74-1F0A-4D59-983B-7D30B87DDE3B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E7CF3852-C143-4B32-A1F8-413036C4887F}C:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"UDP Query User{F06578C5-8442-4931-A145-EBD86D9FA5DC}D:\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{FC281614-8FB4-42A1-B8E5-88E66CD824B6}C:\program files\the games company\empire earth ultimate edition\empire earth i zde\ee-aoc.exe" = protocol=17 | dir=in | app=c:\program files\the games company\empire earth ultimate edition\empire earth i zde\ee-aoc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EE2B017-D82C-4B12-B071-5CF1B23D1A42}" = SweetIM for Messenger 3.4
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{56D18860-C802-4158-A7BC-C8C1CDB84484}}_is1" = Nordschlacht Launcher 1.1
"{57C39411-6747-489C-A226-46885FB0D2D0}" = DriverBoost
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{949460AD-3C77-44FD-8D78-BF605EF28114}" = EMEA02
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"10d223983c4726c547307e2a1f0a7525" = GameHouse Sudoku
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"cb190d64a8a5519d00c138dd283bc4b5" = Vampires vs. Zombies
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Digital Editions" = Adobe Digital Editions
"ESET Online Scanner" = ESET Online Scanner v3
"fbe83e4b6f63f3e850ac3907350adb95" = Bubble Shooter
"ffdshow_is1" = ffdshow v1.1.3800 [2011-03-28]
"Generic USB 106 Sound" = USB Multi-Channel Audio Device
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"OnlineArmor_is1" = Online Armor 5.1
"Pivot 2.3.0 Deutsch" = Pivot 2.3.0 Deutsch
"PS3Xploder" = PS3 Xploder Cheat System
"StarCraft II" = StarCraft II
"toolplugin" = toolplugin
"UltimateZip_is1" = UltimateZip
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"World of Warcraft" = World of Warcraft
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2208606510-85354491-1940852428-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"d8be6c3f847d7d92" = Ghost Recon Online
"Google Chrome" = Google Chrome
"Insaniquarium Deluxe" = Insaniquarium Deluxe
"Pflanzen gegen Zombies Deluxe" = Pflanzen gegen Zombies Deluxe
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.06.2012 15:10:26 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.06.2012 15:24:53 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.06.2012 22:57:29 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.06.2012 03:46:06 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.06.2012 10:15:27 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.06.2012 16:57:58 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.06.2012 06:47:49 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.06.2012 07:12:55 | Computer Name = Babshuhn-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul uzshlex.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x2a425e19, Ausnahmecode 0xc0000005, Fehleroffset 0x089a20ec, Prozess-ID 0x878,
Anwendungsstartzeit 01cd45641e26d9f1.
Error - 08.06.2012 07:51:46 | Computer Name = Babshuhn-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16421, Zeitstempel
0x4d76255d, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x00740070, Prozess-ID 0x1078, Anwendungsstartzeit
01cd456478bec6c1.
Error - 08.06.2012 08:53:54 | Computer Name = Babshuhn-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 06.06.2012 18:25:20 | Computer Name = Babshuhn-PC | Source = bowser | ID = 8003
Description =
Error - 06.06.2012 15:26:56 | Computer Name = Babshuhn-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 06.06.2012 22:59:33 | Computer Name = Babshuhn-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 07.06.2012 03:48:06 | Computer Name = Babshuhn-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 07.06.2012 10:17:28 | Computer Name = Babshuhn-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 07.06.2012 10:51:52 | Computer Name = Babshuhn-PC | Source = volsnap | ID = 393236
Description = Die Schattenkopien von Volume "C:" wurden aufgrund von einem fehlgeschlagenen
Rechenvorgang bezüglich verfügbarem Speicher abgebrochen.
Error - 07.06.2012 10:52:01 | Computer Name = Babshuhn-PC | Source = volsnap | ID = 393236
Description = Die Schattenkopien von Volume "D:" wurden aufgrund von einem fehlgeschlagenen
Rechenvorgang bezüglich verfügbarem Speicher abgebrochen.
Error - 07.06.2012 16:59:59 | Computer Name = Babshuhn-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 08.06.2012 06:49:49 | Computer Name = Babshuhn-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 08.06.2012 08:56:03 | Computer Name = Babshuhn-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
|
